mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-15 16:07:26 +00:00
ImageMagick: Fix CVE-2025-53014
Backport the fix for CVE-2025-53014 Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/29d82726c7ec20c07c49ba263bdcea16c2618e03] Add below patch to fix CVE-2025-53014 0001-ImageMagick-Fix-CVE-2025-53014.patch Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This commit is contained in:
committed by
Gyorgy Sarvari
parent
cac725f7d2
commit
520f64ef3c
@@ -0,0 +1,32 @@
|
|||||||
|
From a16d86759bd9171fca247c4e764ffeeeb7232d9b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Divyanshu Rathore <divyanshu.rathore@bmwtechworks.in>
|
||||||
|
Date: Mon, 29 Sep 2025 13:56:59 +0530
|
||||||
|
Subject: [PATCH 01/18] ImageMagick: Fix CVE-2025-53014
|
||||||
|
|
||||||
|
Correct out of bounds read of a single byte.
|
||||||
|
CVE: CVE-2025-53014
|
||||||
|
Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/29d82726c7ec20c07c49ba263bdcea16c2618e03.patch]
|
||||||
|
|
||||||
|
Comment: Refreshed hunk to match latest kirkstone
|
||||||
|
|
||||||
|
Signed-off-by: Divyanshu Rathore <divyanshu.rathore@bmwtechworks.in>
|
||||||
|
---
|
||||||
|
MagickCore/image.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/MagickCore/image.c b/MagickCore/image.c
|
||||||
|
index 34804e522..fe2a1cb5f 100644
|
||||||
|
--- a/MagickCore/image.c
|
||||||
|
+++ b/MagickCore/image.c
|
||||||
|
@@ -1661,7 +1661,7 @@ MagickExport size_t InterpretImageFilename(const ImageInfo *image_info,
|
||||||
|
q=(char *) p+1;
|
||||||
|
if (*q == '%')
|
||||||
|
{
|
||||||
|
- p=q+1;
|
||||||
|
+ p++;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
field_width=0;
|
||||||
|
--
|
||||||
|
2.34.1
|
||||||
|
|
||||||
@@ -26,6 +26,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt
|
|||||||
file://CVE-2023-34474.patch \
|
file://CVE-2023-34474.patch \
|
||||||
file://CVE-2023-5341.patch \
|
file://CVE-2023-5341.patch \
|
||||||
file://CVE-2022-28463.patch \
|
file://CVE-2022-28463.patch \
|
||||||
|
file://0001-ImageMagick-Fix-CVE-2025-53014.patch \
|
||||||
"
|
"
|
||||||
|
|
||||||
SRCREV = "35b4991eb0939a327f3489988c366e21068b0178"
|
SRCREV = "35b4991eb0939a327f3489988c366e21068b0178"
|
||||||
|
|||||||
Reference in New Issue
Block a user