packages/ImageMagick
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!112 Fix CVE-2020-27769

Browse Source 
From: @wang_yue111
Reviewed-by: @jackie_wu123,@small_leek
Signed-off-by: @small_leek
This commit is contained in:
openeuler-ci-bot 2021-05-25 19:02:47 +08:00 committed by Gitee
commit fcc1140da8
2 changed files with 41 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
CVE-2020-27769.patch Normal file
View File

@ -0,0 +1,36 @@
From d6f3c03cf55c98da87e547882379a85ce2b3dc81 Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Fri, 11 Oct 2019 20:21:42 -0400
Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1740
---
magick/quantize.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/magick/quantize.c b/magick/quantize.c
index 0f963b4..b6c1645 100644
--- a/magick/quantize.c
+++ b/magick/quantize.c
@@ -2293,8 +2293,8 @@ MagickExport MagickBooleanType PosterizeImageChannel(Image *image,
const ChannelType channel,const size_t levels,const MagickBooleanType dither)
{
#define PosterizeImageTag "Posterize/Image"
-#define PosterizePixel(pixel) (Quantum) (QuantumRange*(MagickRound( \
- QuantumScale*pixel*(levels-1)))/MagickMax((ssize_t) levels-1,1))
+#define PosterizePixel(pixel) ClampToQuantum((MagickRealType) QuantumRange*( \
+ MagickRound(QuantumScale*pixel*(levels-1)))/MagickMax((ssize_t) levels-1,1))
CacheView
*image_view;
@@ -3342,7 +3342,7 @@ static MagickBooleanType SetGrayscaleImage(Image *image)
}
(void) memset(colormap_index,0,extent*sizeof(*colormap_index));
for (i=0; i < (ssize_t) image->colors; i++)
- image->colormap[i].opacity=(unsigned short) i;
+ image->colormap[i].opacity=(Quantum) i;
qsort((void *) image->colormap,image->colors,sizeof(PixelPacket),
IntensityCompare);
colormap=(PixelPacket *) AcquireQuantumMemory(image->colors,
--
2.23.0

6
ImageMagick.spec
View File

@ -1,7 +1,7 @@
Name: ImageMagick Name: ImageMagick
Epoch: 1 Epoch: 1
Version: 6.9.10.67 Version: 6.9.10.67
Release: 23 Release: 24
Summary: Create, edit, compose, or convert bitmap images Summary: Create, edit, compose, or convert bitmap images
License: ImageMagick and MIT License: ImageMagick and MIT
Url: http://www.imagemagick.org/ Url: http://www.imagemagick.org/
@ -57,6 +57,7 @@ Patch0047: CVE-2019-18853.patch
Patch0048: CVE-2020-27752.patch Patch0048: CVE-2020-27752.patch
Patch0049: CVE-2021-20309.patch Patch0049: CVE-2021-20309.patch
Patch0050: CVE-2021-20311-20312-20313.patch Patch0050: CVE-2021-20311-20312-20313.patch
Patch0051: CVE-2020-27769.patch
BuildRequires: bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators BuildRequires: bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators
BuildRequires: libtiff-devel giflib-devel zlib-devel perl-devel >= 5.8.1 jbigkit-devel BuildRequires: libtiff-devel giflib-devel zlib-devel perl-devel >= 5.8.1 jbigkit-devel
@ -213,6 +214,9 @@ rm PerlMagick/demo/Generic.ttf
%{_libdir}/pkgconfig/ImageMagick++* %{_libdir}/pkgconfig/ImageMagick++*
%changelog %changelog
* Tue May 25 2021 wangyue <wangyue92@huawei.com> - 6.9.10.67-24
- Fix CVE-2020-27769
* Thu May 20 2021 wangyue <wangyue92@huawei.com> - 6.9.10.67-23 * Thu May 20 2021 wangyue <wangyue92@huawei.com> - 6.9.10.67-23
- Fix CVE-2021-20309 CVE-2021-20311 CVE-2021-20312 CVE-2021-20313 - Fix CVE-2021-20309 CVE-2021-20311 CVE-2021-20312 CVE-2021-20313