From fd14b1dcf3036346dbdc4c38d56aa01f588a1a69d54cdb599d63356e9172c198 Mon Sep 17 00:00:00 2001
From: Petr Gajdos
Date: Tue, 31 May 2016 07:28:14 +0000
Subject: [PATCH] - security update: * CVE-2016-5118 [bsc#982178] + GraphicsMagick-CVE-2016-5118.patch
OBS-URL: https://build.opensuse.org/package/show/graphics/ImageMagick?expand=0&rev=256
---
 ImageMagick-CVE-2016-5118.patch | 14 ++++++++++++++
 ImageMagick.changes | 7 +++++++
 ImageMagick.spec | 2 ++
 3 files changed, 23 insertions(+)
 create mode 100644 ImageMagick-CVE-2016-5118.patch
diff --git a/ImageMagick-CVE-2016-5118.patch b/ImageMagick-CVE-2016-5118.patch
new file mode 100644
index 0000000..0505061
--- /dev/null
+++ b/ImageMagick-CVE-2016-5118.patch
@@ -0,0 +1,14 @@
+Index: ImageMagick-6.9.4-1/magick/blob.c
+===================================================================
+--- ImageMagick-6.9.4-1.orig/magick/blob.c 2016-05-09 19:28:58.000000000 +0200
++++ ImageMagick-6.9.4-1/magick/blob.c 2016-05-30 17:33:03.569022390 +0200
+@@ -80,6 +80,9 @@
+ Define declarations.
+ */
+ #define MagickMaxBlobExtent 65541
++
++#undef MAGICKCORE_HAVE_POPEN
++
+ #if !defined(MAP_ANONYMOUS) && defined(MAP_ANON)
+ # define MAP_ANONYMOUS MAP_ANON
+ #endif
diff --git a/ImageMagick.changes b/ImageMagick.changes
index 921700e..270a8c4 100644
--- a/ImageMagick.changes
+++ b/ImageMagick.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue May 31 07:23:22 UTC 2016 - pgajdos@suse.com
+
+- security update:
+ * CVE-2016-5118 [bsc#982178]
+ + GraphicsMagick-CVE-2016-5118.patch
+
 -------------------------------------------------------------------
 Tue May 17 09:10:23 UTC 2016 - pgajdos@suse.com
diff --git a/ImageMagick.spec b/ImageMagick.spec
index 7c7bfb7..2a30a81 100644
--- a/ImageMagick.spec
+++ b/ImageMagick.spec
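Review bot: The `#undef MAGICKCORE_HAVE_POPEN` that ImageMagick-CVE-2016-5118.patch adds to magick/blob.c has no comment, so nothing in the source marks it as a deliberate security mitigation rather than a stray build tweak that a later rebase could drop. I would put `/* CVE-2016-5118 [bsc#982178]: compile out the popen() code path in this file; do not remove */` directly above it. The undef sits in the "Define declarations" section of blob.c, so it only affects code further down in that one file. The code it guards is outside the hunk, and any other translation unit that tests MAGICKCORE_HAVE_POPEN would presumably still see it defined, which is worth confirming with a grep across the tree. The patch file also lacks a description header recording its origin and upstream status.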
@@ -93,6 +93,7 @@ Patch4: ImageMagick-6.8.5.7-no-XPMCompliance.patch
 # will ask upstream if needed, or if other solution exists
 Patch11: ImageMagick-6.8.4.0-dont-build-in-install.patch
 Patch20: ImageMagick-6.8.8-1-disable-insecure-coders.patch
+Patch21: ImageMagick-CVE-2016-5118.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-build
 %package -n perl-PerlMagick
@@ -253,6 +254,7 @@ HTML documentation for ImageMagick library and scene examples.
 %patch4
 %patch11
 %patch20 -p1
+%patch21 -p1
 # remove executeable bits from per demos
 chmod -x PerlMagick/demo/*.pl
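Review bot: `Patch21: ImageMagick-CVE-2016-5118.patch` in the first spec hunk does not match the file name recorded in this commit's ImageMagick.changes entry and subject line, which both say `GraphicsMagick-CVE-2016-5118.patch`. Anyone auditing from the changelog which patch covers CVE-2016-5118 would look for a file that is not in the package, so the .changes line should read `+ ImageMagick-CVE-2016-5118.patch`. Unlike Patch11, the new tag has no comment above it; a short one such as `# CVE-2016-5118 [bsc#982178]: disable popen() in magick/blob.c` would keep the security purpose visible in the spec itself.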