Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:imagemagick
User: [email protected]
Usertags: pu


[ Reason ]
CVE-2025-57803

[ Impact ]
CVE-2025-57803 not fixed


[ Tests ]
automated test

[ Risks ]
Low: the code is straightforward.


[ Checklist ]
  [X] *all* changes are documented in the d/changelog
  [X] I reviewed all changes and I approve them
  [X] attach debdiff against the package in (old)stable
  [X] the issue is verified as fixed in unstable

[ Changes ]

[ Other info ]
diff -Nru imagemagick-6.9.11.60+dfsg/debian/changelog imagemagick-6.9.11.60+dfsg/debian/changelog
--- imagemagick-6.9.11.60+dfsg/debian/changelog	2025-09-07 23:54:25.000000000 +0200
+++ imagemagick-6.9.11.60+dfsg/debian/changelog	2025-10-19 10:52:34.000000000 +0200
@@ -1,3 +1,17 @@
+imagemagick (8:6.9.11.60+dfsg-1.6+deb12u5) bookworm; urgency=medium
+
+  * Fix CVE-2025-62171 (Closes: #1118340)
+    Integer Overflow in BMP Decoder (ReadBMP):
+    CVE-2025-57803 claims to be patched, but the fix is incomplete
+    and ineffective.
+    .
+    The patch added BMPOverflowCheck() but placed it
+    after the overflow occurs, making it useless.
+    A malicious 58-byte BMP file can trigger AddressSanitizer
+    crashes and DoS.
+
+ -- Bastien Roucariès <[email protected]>  Sun, 19 Oct 2025 10:52:34 +0200
+
 imagemagick (8:6.9.11.60+dfsg-1.6+deb12u4) bookworm-security; urgency=medium
 
   * Fix CVE-2025-53014:
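
Review bot: the changelog entry describes the misplaced BMPOverflowCheck() but does not say that the remaining overflow is specific to 32-bit systems, which the Subject of the cherry-picked commit states ("Added extra check to resolve issue on 32-bit systems"). Adding that to the entry would tell stable users which architectures are exposed. The [ Reason ] and [ Impact ] fields of the request name only CVE-2025-57803 while this entry fixes CVE-2025-62171; citing CVE-2025-62171 there as well would make the request easier to track.
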
diff -Nru imagemagick-6.9.11.60+dfsg/debian/patches/CVE-2025-62171.patch imagemagick-6.9.11.60+dfsg/debian/patches/CVE-2025-62171.patch
--- imagemagick-6.9.11.60+dfsg/debian/patches/CVE-2025-62171.patch	1970-01-01 01:00:00.000000000 +0100
+++ imagemagick-6.9.11.60+dfsg/debian/patches/CVE-2025-62171.patch	2025-10-19 10:52:34.000000000 +0200
@@ -0,0 +1,27 @@
+From: Dirk Lemstra <[email protected]>
+Date: Sun, 12 Oct 2025 20:39:55 +0200
+Subject: Added extra check to resolve issue on 32-bit systems
+ (https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9pp9-cfwx-54rm)
+
+(cherry picked from commit 456771fae8baa9558a1421ec8d522e6937d9b2d7)
+
+origin: https://github.com/ImageMagick/ImageMagick6/commit/456771fae8baa9558a1421ec8d522e6937d9b2d7
+bug: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9pp9-cfwx-54rm
+bug-debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118340
+---
+ coders/bmp.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/coders/bmp.c b/coders/bmp.c
+index c6ec39e..d509bd6 100644
+--- a/coders/bmp.c
++++ b/coders/bmp.c
+@@ -982,6 +982,8 @@ static Image *ReadBMPImage(const ImageInfo *image_info,ExceptionInfo *exception)
+       ThrowReaderException(CorruptImageError,"ImproperImageHeader");
+     if (bmp_info.compression == BI_RLE4)
+       bmp_info.bits_per_pixel<<=1;
++    if (BMPOverflowCheck(image->columns,bmp_info.bits_per_pixel) != MagickFalse)
++      ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
+     extent=image->columns*bmp_info.bits_per_pixel;
+     bytes_per_line=4*((extent+31)/32);
+     if (BMPOverflowCheck(bytes_per_line,image->rows) != MagickFalse)
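
Review bot: the added guard before `extent=image->columns*bmp_info.bits_per_pixel;` covers the multiplication only; the `extent+31` addition on the following line is not covered by either BMPOverflowCheck() call visible in this hunk. Whether that addition can wrap on 32-bit depends on the type of `extent` and on the definition of BMPOverflowCheck(), both outside the hunk, so it is worth confirming against the full source. The placement after `bmp_info.bits_per_pixel<<=1` is right, since the check then sees the doubled BI_RLE4 value.
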
diff -Nru imagemagick-6.9.11.60+dfsg/debian/patches/series imagemagick-6.9.11.60+dfsg/debian/patches/series
--- imagemagick-6.9.11.60+dfsg/debian/patches/series	2025-09-07 23:53:01.000000000 +0200
+++ imagemagick-6.9.11.60+dfsg/debian/patches/series	2025-10-19 10:52:34.000000000 +0200
@@ -95,3 +95,4 @@
 CVE-2025-57803-pre1.patch
 CVE-2025-57803.patch
 CVE-2025-57807.patch
+CVE-2025-62171.patch
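
Review bot: CVE-2025-62171.patch has to stay after CVE-2025-57803.patch in the series, because the new check calls BMPOverflowCheck(), which the changelog says was added by the CVE-2025-57803 fix. The order here satisfies that; a line in the DEP-3 header of the new patch noting the dependency would keep the two from being reordered or dropped independently in a later upload.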
