Backport the fix for CVE-2025-57807 Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e]
Add below patch to fix 0008-ImageMagick-Fix-CVE-2025-57807.patch Signed-off-by: Divyanshu Rathore <[email protected]> --- .../0008-ImageMagick-Fix-CVE-2025-57807.patch | 51 +++++++++++++++++++ .../imagemagick/imagemagick_7.0.10.bb | 1 + 2 files changed, 52 insertions(+) create mode 100644 meta-oe/recipes-support/imagemagick/files/0008-ImageMagick-Fix-CVE-2025-57807.patch diff --git a/meta-oe/recipes-support/imagemagick/files/0008-ImageMagick-Fix-CVE-2025-57807.patch b/meta-oe/recipes-support/imagemagick/files/0008-ImageMagick-Fix-CVE-2025-57807.patch new file mode 100644 index 0000000000..a0aab8afc3 --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/files/0008-ImageMagick-Fix-CVE-2025-57807.patch @@ -0,0 +1,51 @@ +From 3d1a6ecbeff10e05d0609125b6feec9ecace7b85 Mon Sep 17 00:00:00 2001 +From: Divyanshu Rathore <[email protected]> +Date: Fri, 24 Oct 2025 12:37:14 +0530 +Subject: [PATCH 08/18] ImageMagick: Fix CVE-2025-57807 + +CVE: CVE-2025-57807 + +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e] + +Comment: Refreshed hunk to match latest kirkstone + +Signed-off-by: Divyanshu Rathore <[email protected]> +--- + MagickCore/blob.c | 11 +++++++---- + 1 file changed, 7 insertions(+), 4 deletions(-) + +diff --git a/MagickCore/blob.c b/MagickCore/blob.c +index 6a15d4808..38af749fe 100644 +--- a/MagickCore/blob.c ++++ b/MagickCore/blob.c +@@ -1598,7 +1598,7 @@ static inline ssize_t WriteBlobStream(Image *image,const size_t length, + extent=(MagickSizeType) (blob_info->offset+(MagickOffsetType) length); + if (extent >= blob_info->extent) + { +- extent=blob_info->extent+blob_info->quantum+length; ++ extent+=blob_info->quantum+length; + blob_info->quantum<<=1; + if (SetBlobExtent(image,extent) == MagickFalse) + return(0); +@@ -5774,12 +5774,15 @@ MagickExport ssize_t WriteBlob(Image *image,const size_t length, + } + case BlobStream: + { +- if ((blob_info->offset+(MagickOffsetType) length) >= +- (MagickOffsetType) blob_info->extent) ++ MagickSizeType ++ extent; ++ ++ extent=(MagickSizeType) (blob_info->offset+(MagickOffsetType) length); ++ if (extent >= blob_info->extent) + { + if (blob_info->mapped != MagickFalse) + return(0); +- blob_info->extent+=length+blob_info->quantum; ++ blob_info->extent=extent+blob_info->quantum+length; + blob_info->quantum<<=1; + blob_info->data=(unsigned char *) ResizeQuantumMemory( + blob_info->data,blob_info->extent+1,sizeof(*blob_info->data)); +-- +2.34.1 + diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb index 3566932fa2..351e1eaf8c 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb @@ -32,6 +32,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt file://0006-ImageMagick-Fix-CVE-2025-55004.patch \ file://0007-ImageMagick-Add-support-patch-to-fix-CVE-2025-57803.patch \ file://0007-ImageMagick-Fix-CVE-2025-57803.patch \ + file://0008-ImageMagick-Fix-CVE-2025-57807.patch \ " SRCREV = "35b4991eb0939a327f3489988c366e21068b0178" -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#122625): https://lists.openembedded.org/g/openembedded-devel/message/122625 Mute This Topic: https://lists.openembedded.org/mt/116753534/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
