From 8a6a4f045d58a5be1962cf750a4778c4f7fc4f1b Mon Sep 17 00:00:00 2001
From: wangxiao65 <287608437@qq.com>
Date: Thu, 25 Feb 2021 15:39:49 +0800
Subject: [PATCH] fix CVE-2021-20176

(cherry picked from commit 11a1aeb033f0e2440dc88db328f1a79cd46c41e2)
---
 CVE-2021-20176.patch | 22 ++++++++++++++++++++++
 ImageMagick.spec     |  8 ++++++--
 2 files changed, 28 insertions(+), 2 deletions(-)
 create mode 100644 CVE-2021-20176.patch

diff --git a/CVE-2021-20176.patch b/CVE-2021-20176.patch
new file mode 100644
index 0000000..201994f
--- /dev/null
+++ b/CVE-2021-20176.patch
@@ -0,0 +1,22 @@
+From 90255f0834eead08d59f46b0bda7b1580451cc0f Mon Sep 17 00:00:00 2001
+From: Cristy <mikayla-grace@urban-warrior.org>
+Date: Wed, 6 Jan 2021 18:12:06 -0500
+Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/3077
+
+---
+ magick/gem.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/magick/gem.c b/magick/gem.c
+index b18b69ec4..cb694cfef 100644
+--- a/magick/gem.c
++++ b/magick/gem.c
+@@ -1580,7 +1580,7 @@ MagickExport double GenerateDifferentialNoise(RandomInfo *random_info,
+         beta=GetPseudoRandomValue(random_info);
+         alpha*=beta;
+       }
+-      noise=(double) (QuantumRange*i/SigmaPoisson);
++      noise=(double) (QuantumRange*i*PerceptibleReciprocal(SigmaPoisson));
+       break;
+     }
+     case RandomNoise:
diff --git a/ImageMagick.spec b/ImageMagick.spec
index 60abfac..e626a12 100644
--- a/ImageMagick.spec
+++ b/ImageMagick.spec
@@ -1,7 +1,7 @@
 Name:           ImageMagick
 Epoch:          1
 Version:        6.9.10.67
-Release:        10
+Release:        12
 Summary:        Create, edit, compose, or convert bitmap images
 License:        ImageMagick and MIT
 Url:            http://www.imagemagick.org/
@@ -32,6 +32,7 @@ Patch0022:      CVE-2020-27754-pre-1.patch
 Patch0023:      CVE-2020-27754-pre-2.patch
 Patch0024:      CVE-2020-27754.patch
 Patch0025:      CVE-2020-25664.patch
+Patch0026:      CVE-2021-20176.patch
 
 BuildRequires:  bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators
 BuildRequires:  libtiff-devel giflib-devel zlib-devel perl-devel >= 5.8.1 jbigkit-devel
@@ -188,7 +189,10 @@ rm PerlMagick/demo/Generic.ttf
 %{_libdir}/pkgconfig/ImageMagick++*
 
 %changelog
-* Wed Feb 10 2021 zhanghua <zhanghua40@huawei.com> - 6.9.10.67-10
+* Thu Feb 25 2021 wangxiao <wangxiao65@huawei.com> - 6.9.10.67-12
+- Fix CVE-2021-20176
+
+* Wed Feb 10 2021 zhanghua <zhanghua40@huawei.com> - 6.9.10.67-11
 - fix CVE-2020-25664 CVE-2020-27754
 
 * Tue Jan 12 2021 wangxiao <wangxiao65@huawei.com> - 6.9.10.67-9
-- 
Gitee