aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--main/imagemagick/APKBUILD22
-rw-r--r--main/imagemagick/CVE-2016-7799.patch22
-rw-r--r--main/imagemagick/CVE-2016-7906.patch22
3 files changed, 61 insertions, 5 deletions
diff --git a/main/imagemagick/APKBUILD b/main/imagemagick/APKBUILD
index b379c98385..0ab2e44018 100644
--- a/main/imagemagick/APKBUILD
+++ b/main/imagemagick/APKBUILD
@@ -5,7 +5,7 @@ pkgname=imagemagick
pkgver=6.9.5.9
_abiver=6
_pkgver=${pkgver%.*}-${pkgver##*.}
-pkgrel=0
+pkgrel=1
pkgdesc="A collection of tools and libraries for many image formats"
url="http://www.imagemagick.org/"
arch="all"
@@ -15,7 +15,10 @@ options="libtool"
makedepends="zlib-dev libpng-dev libjpeg-turbo-dev freetype-dev fontconfig-dev
perl-dev ghostscript-dev libwebp-dev libtool tiff-dev lcms2-dev"
subpackages="$pkgname-doc $pkgname-dev $pkgname-c++:_cxx"
-source="http://www.imagemagick.org/download/releases/ImageMagick-$_pkgver.tar.xz"
+source="http://www.imagemagick.org/download/releases/ImageMagick-$_pkgver.tar.xz
+ CVE-2016-7799.patch
+ CVE-2016-7906.patch
+ "
# secfixes:
# 6.9.5.3:
@@ -28,6 +31,9 @@ source="http://www.imagemagick.org/download/releases/ImageMagick-$_pkgver.tar.xz
# - CVE-2016-5841
# - CVE-2016-5842
# - CVE-2016-6491
+# 6.9.5.9-r1:
+# - CVE-2016-7799
+# - CVE-2016-7906
_builddir="$srcdir/ImageMagick-${_pkgver}"
prepare() {
@@ -85,6 +91,12 @@ _cxx() {
mv "$pkgdir"/usr/lib/libMagick++*.so.* "$subpkgdir"/usr/lib/
}
-md5sums="fc7c456f4bee061d387a03c7484e27f1 ImageMagick-6.9.5-9.tar.xz"
-sha256sums="9c4f300daae165a6bcf46779876f9361a958076f8cd59fa203d84c70ba5bc183 ImageMagick-6.9.5-9.tar.xz"
-sha512sums="3aff67710305e3427e2effab5bd5b10c9f55ca9b755704cdea169dbe3653fe919ae603a37fb3d7c105b61c930d4652cf488f7a7ec0a2d847bfb66b8f6eb1db43 ImageMagick-6.9.5-9.tar.xz"
+md5sums="fc7c456f4bee061d387a03c7484e27f1 ImageMagick-6.9.5-9.tar.xz
+a69aaa7cfb91129faf0a6180632f37cc CVE-2016-7799.patch
+db49949a2ab7d4f593f07dcd2dd76e66 CVE-2016-7906.patch"
+sha256sums="9c4f300daae165a6bcf46779876f9361a958076f8cd59fa203d84c70ba5bc183 ImageMagick-6.9.5-9.tar.xz
+a81409f154f1d195e559aadc0caa6b4498fd6132c8d97bc3a9b55e693cb7aa75 CVE-2016-7799.patch
+a4e525f2980d665db04f15050cfce44a2dfdbf324e442f5610dfbd045214f02f CVE-2016-7906.patch"
+sha512sums="3aff67710305e3427e2effab5bd5b10c9f55ca9b755704cdea169dbe3653fe919ae603a37fb3d7c105b61c930d4652cf488f7a7ec0a2d847bfb66b8f6eb1db43 ImageMagick-6.9.5-9.tar.xz
+78d60bd48ac932adaaadaae0b26594cc72ba3e94a0752e28e775ad37c9eb0cd0f602c969e52dab0e196a9742559df5b4406dc116095a6a5852444d0f00a89aca CVE-2016-7799.patch
+f64fe197b621ae7046326ad88302c8a24e70c95c8725a8cdae56586460b00bb7137228ae04a9396b0e872bde901c464f2fbf570657d5d1c1c3592900c42d626b CVE-2016-7906.patch"
diff --git a/main/imagemagick/CVE-2016-7799.patch b/main/imagemagick/CVE-2016-7799.patch
new file mode 100644
index 0000000000..6b04f3dc4b
--- /dev/null
+++ b/main/imagemagick/CVE-2016-7799.patch
@@ -0,0 +1,22 @@
+From 00a80395a4cd17a6f420238bf9d936d3d9b65a8a Mon Sep 17 00:00:00 2001
+From: Cristy <urban-warrior@imagemagick.org>
+Date: Fri, 30 Sep 2016 15:18:03 -0400
+Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/280
+
+---
+ magick/profile.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/magick/profile.c b/magick/profile.c
+index baf7e70..db4083d 100644
+--- a/magick/profile.c
++++ b/magick/profile.c
+@@ -2060,7 +2060,7 @@ static MagickBooleanType SyncExifProfile(Image *image, StringInfo *profile)
+ (void) AddValueToSplayTree(exif_resources,q,q);
+ tag_value=(ssize_t) ReadProfileShort(endian,q);
+ format=(ssize_t) ReadProfileShort(endian,q+2);
+- if ((format-1) >= EXIF_NUM_FORMATS)
++ if ((format < 0) || ((format-1) >= EXIF_NUM_FORMATS))
+ break;
+ components=(ssize_t) ReadProfileLong(endian,q+4);
+ if (components < 0)
diff --git a/main/imagemagick/CVE-2016-7906.patch b/main/imagemagick/CVE-2016-7906.patch
new file mode 100644
index 0000000000..fc22b35278
--- /dev/null
+++ b/main/imagemagick/CVE-2016-7906.patch
@@ -0,0 +1,22 @@
+From d63a3c5729df59f183e9e110d5d8385d17caaad0 Mon Sep 17 00:00:00 2001
+From: Cristy <urban-warrior@imagemagick.org>
+Date: Sat, 1 Oct 2016 11:16:55 -0400
+Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/281
+
+---
+ magick/attribute.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/magick/attribute.c b/magick/attribute.c
+index 4e01240..53d2706 100644
+--- a/magick/attribute.c
++++ b/magick/attribute.c
+@@ -1296,7 +1296,7 @@ MagickExport MagickBooleanType SetImageType(Image *image,const ImageType type)
+ status=QuantizeImage(quantize_info,image);
+ quantize_info=DestroyQuantizeInfo(quantize_info);
+ }
+- image->colors=2;
++ status=AcquireImageColormap(image,2);
+ image->matte=MagickFalse;
+ break;
+ }
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-13 04:22:29 +0000