Compare commits
32 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
| 15d98374bf | |||
| e1052f8ec9 | |||
| f605b5888d | |||
| ff32289eb8 | |||
| ded44a4fc4 | |||
| b5e494a862 | |||
| c20a106c76 | |||
| 721aa28350 | |||
|
cc7a87347a | ||
|
|
22891133b8 | ||
| 780c232570 | |||
| 4153cc3c11 | |||
| 6644cc2fd2 | |||
| dca7eedb8e | |||
| 9025cd9af5 | |||
| 719d7c838b | |||
| 2cffe6e841 | |||
| 59a8354071 | |||
| 96bb80ef14 | |||
| f0af632181 | |||
| d5e872d2f6 | |||
| 5b14e012ae | |||
| 931e67ae4f | |||
| dc8e6175a8 | |||
| 4f0b39bf0c | |||
| 488bb59e77 | |||
| 801f41fa2b | |||
| 9e2443ab33 | |||
| 8fea280f7e | |||
| bfcc484490 | |||
| 233cdd1a7c | |||
| a9482e64e9 |
3
ImageMagick-7.1.2-13.tar.xz
Normal file
3
ImageMagick-7.1.2-13.tar.xz
Normal file
@@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:968e022c8c7ee620680bac658628ef0f582be7b8aa71b386a9a9d068ec17dbd2
|
||||
size 10805152
|
||||
16
ImageMagick-7.1.2-13.tar.xz.asc
Normal file
16
ImageMagick-7.1.2-13.tar.xz.asc
Normal file
@@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEE2Ccu9R2iI+TQW0Zpiatj1IJ3N3oFAmludfcACgkQiatj1IJ3
|
||||
N3rRAhAAoeXH5xDosG846p3e+VAif8DiYCb1fkdHaPesq/exAQYTHHUpv0lkC0+8
|
||||
9GZQ4/0GZlMMF4IJHUxfSBCwdbVQonx3ttg87ZGICfIJ9OJsAqUHzTxwzEipxHg5
|
||||
Ow+ZmHl5bv927fiW6x0gKXuHmjyp4g2uF71PbFLUjHKhGc5swvcm4pjH7dbc7cx3
|
||||
aZV6gAbYCzbsZhmCJ59lbrAbfPewMaUPq80YtwLoBo0WRte2klZ116PjN/hVNOEb
|
||||
wWzNFu9ZVrP5xFY5SLLQELBYEop22TGcfzFicUVRGLvIcNE3Lc5oKgVHWENjd5Xa
|
||||
gde7TVKcSHVAphdBoXyW7si9ibORIk6QyqbCobzPgbARTBEjWdDSHFgwdWSkCBAO
|
||||
qnqilvqXiJYHPErMIN0FTVMuVckMWEmV2pmJlORvapTdYJv4ROd0wzPP6OAynju+
|
||||
ODHm6HAoEO2Kg2aCA3nxOfww0samtvu7XJdiPV7kTTKxz1wEIz7A+Z5vfIyYFlDH
|
||||
9wcD1hAoEABV9nkShuAjF/XGPap1a1Va0vKX/q4eG77NHjAPIcdbiBmI+XOGgSRK
|
||||
CRQdGI502QZ2A4bH7oxgax8UQgQWIVPHGBLZxJLniFwpH3IQ6BEq9miDFQGc4bSq
|
||||
b3y2MZ/R3WEVCafmOt9F6/L8OsZ3hF11e8WAoLsrUcEH9WD7d3U=
|
||||
=toTL
|
||||
-----END PGP SIGNATURE-----
|
||||
BIN
ImageMagick-7.1.2-8.tar.xz
LFS
BIN
ImageMagick-7.1.2-8.tar.xz
LFS
Binary file not shown.
@@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCgAdFiEE2Ccu9R2iI+TQW0Zpiatj1IJ3N3oFAmj+Hz4ACgkQiatj1IJ3
|
||||
N3p+Vg/8CYxJgRHvCO4s3QFacyNM+e9TL4ssBBkkXDf2fk6tYQCqLD+iPqMPswjb
|
||||
qYZDsD2oDGCaqnciMIlF1782Gt67tjFFr57ikAJopqILWHBXfL4M81VoehHIjsao
|
||||
DS/DuxR/8DoOSsvWzDDEv98On1339HCncPlfbg5NDKEMNeWjq/RdNiFnNspjxhhp
|
||||
nbsGN9Eu1ToxIWXG7lA9diRk6wTpyuRqlPrKy1kSYaItjKpR9lkFY4zhCnISGUDr
|
||||
pvghTId+oksr1CZaa3SlMN53MGUEMMbl0FhRF6vYhm3bLVQr2s5NVdG/E6W98VAv
|
||||
aukurXRy65mJl2ohVzCSfyFi3Y3BFqsLNvqPIE/cYaFuXhDbcd+nrXi5zalSIrA+
|
||||
Er58sU8TY6fqA1XLImIhnlyJkZCFB30wyW11eIBmeKQXNL/OpkY0YoUoQT5F7GcZ
|
||||
50MlFgDNAUJR3O6C+Wxf8Kpcsvf+1OIJilBWb25+YSMig14nnIjajo2/uXMGoooJ
|
||||
XqtQ7HgFdWb6YQi4lsVadqSKTpMeEMsSh2OaUNi5aphME4Q9CFVJrqx1EWBtNP2q
|
||||
OteBMak+64cq5ko5qwp/C4/ahPk8agNAXwRkse4ouRkZh12LLHOmaMlGU6KbnQAI
|
||||
MboY4jmK+DbymyjiXNt5Qg9CO/hSshYra+tKcDZzpdLQerTNSew=
|
||||
=djpT
|
||||
-----END PGP SIGNATURE-----
|
||||
@@ -1,23 +0,0 @@
|
||||
From 6f81eb15f822ad86e8255be75efad6f9762c32f8 Mon Sep 17 00:00:00 2001
|
||||
From: Dirk Lemstra <dirk@lemstra.org>
|
||||
Date: Sun, 23 Nov 2025 09:17:29 +0100
|
||||
Subject: [PATCH] Correct incorrect free (GHSA-q3hc-j9x5-mp9m)
|
||||
|
||||
---
|
||||
Magick++/lib/Options.cpp | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/Magick++/lib/Options.cpp b/Magick++/lib/Options.cpp
|
||||
index c25604558a4..027d54719c3 100644
|
||||
--- a/Magick++/lib/Options.cpp
|
||||
+++ b/Magick++/lib/Options.cpp
|
||||
@@ -310,7 +310,7 @@ void Magick::Options::fontFamily(const std::string &family_)
|
||||
{
|
||||
if (family_.length() == 0)
|
||||
{
|
||||
- _drawInfo->family=(char *) RelinquishMagickMemory(_drawInfo->font);
|
||||
+ _drawInfo->family=(char *) RelinquishMagickMemory(_drawInfo->family);
|
||||
DestroyString(RemoveImageOption(imageInfo(),"family"));
|
||||
}
|
||||
else
|
||||
|
||||
@@ -1,25 +0,0 @@
|
||||
From bdae0681ad1e572defe62df85834218f01e6d670 Mon Sep 17 00:00:00 2001
|
||||
From: Dirk Lemstra <dirk@lemstra.org>
|
||||
Date: Tue, 2 Dec 2025 22:49:12 +0100
|
||||
Subject: [PATCH] Added extra check to avoid an overflow on 32-bit machines
|
||||
(GHSA-6hjr-v6g4-3fm8)
|
||||
|
||||
---
|
||||
coders/tim.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/coders/tim.c b/coders/tim.c
|
||||
index db60f32e65a..b87e06d2ceb 100644
|
||||
--- a/coders/tim.c
|
||||
+++ b/coders/tim.c
|
||||
@@ -231,7 +231,8 @@ static Image *ReadTIMImage(const ImageInfo *image_info,ExceptionInfo *exception)
|
||||
(void) ReadBlobLSBShort(image);
|
||||
width=ReadBlobLSBShort(image);
|
||||
height=ReadBlobLSBShort(image);
|
||||
- image_size=2*width*height;
|
||||
+ if (HeapOverflowSanityCheckGetSize(2*width,height,&image_size) != MagickFalse)
|
||||
+ ThrowReaderException(CorruptImageError,"ImproperImageHeader");
|
||||
if (image_size > GetBlobSize(image))
|
||||
ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile");
|
||||
bytes_per_line=width*2;
|
||||
|
||||
@@ -1,107 +0,0 @@
|
||||
From 6f431d445f3ddd609c004a1dde617b0a73e60beb Mon Sep 17 00:00:00 2001
|
||||
From: Cristy <urban-warrior@imagemagick.org>
|
||||
Date: Sun, 21 Dec 2025 12:43:08 -0500
|
||||
Subject: [PATCH]
|
||||
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p27m-hp98-6637
|
||||
|
||||
---
|
||||
coders/msl.c | 24 ++++++++++++++++--------
|
||||
coders/svg.c | 8 +++++++-
|
||||
2 files changed, 23 insertions(+), 9 deletions(-)
|
||||
|
||||
diff --git a/coders/msl.c b/coders/msl.c
|
||||
index 2424e9883f0..8ede13b81e4 100644
|
||||
--- a/coders/msl.c
|
||||
+++ b/coders/msl.c
|
||||
@@ -120,6 +120,7 @@ typedef struct _MSLInfo
|
||||
*exception;
|
||||
|
||||
ssize_t
|
||||
+ depth,
|
||||
n,
|
||||
number_groups;
|
||||
|
||||
@@ -328,6 +329,10 @@ static void MSLStartElement(void *context,const xmlChar *tag,
|
||||
RectangleInfo
|
||||
geometry;
|
||||
|
||||
+ size_t
|
||||
+ height,
|
||||
+ width;
|
||||
+
|
||||
ssize_t
|
||||
i,
|
||||
j,
|
||||
@@ -336,11 +341,6 @@ static void MSLStartElement(void *context,const xmlChar *tag,
|
||||
x,
|
||||
y;
|
||||
|
||||
-
|
||||
- size_t
|
||||
- height,
|
||||
- width;
|
||||
-
|
||||
xmlParserCtxtPtr
|
||||
parser;
|
||||
|
||||
@@ -352,6 +352,13 @@ static void MSLStartElement(void *context,const xmlChar *tag,
|
||||
exception=AcquireExceptionInfo();
|
||||
parser=(xmlParserCtxtPtr) context;
|
||||
msl_info=(MSLInfo *) parser->_private;
|
||||
+ if (msl_info->depth++ >= MagickMaxRecursionDepth)
|
||||
+ {
|
||||
+ (void) ThrowMagickException(msl_info->exception,GetMagickModule(),
|
||||
+ DrawError,"VectorGraphicsNestedTooDeeply","`%s'",tag);
|
||||
+ xmlStopParser((xmlParserCtxtPtr) context);
|
||||
+ return;
|
||||
+ }
|
||||
n=msl_info->n;
|
||||
keyword=(const char *) NULL;
|
||||
value=(char *) NULL;
|
||||
@@ -7057,15 +7064,15 @@ static void MSLStartElement(void *context,const xmlChar *tag,
|
||||
|
||||
static void MSLEndElement(void *context,const xmlChar *tag)
|
||||
{
|
||||
- ssize_t
|
||||
- n;
|
||||
-
|
||||
MSLInfo
|
||||
*msl_info;
|
||||
|
||||
xmlParserCtxtPtr
|
||||
parser;
|
||||
|
||||
+ ssize_t
|
||||
+ n;
|
||||
+
|
||||
/*
|
||||
Called when the end of an element has been detected.
|
||||
*/
|
||||
@@ -7158,6 +7165,7 @@ static void MSLEndElement(void *context,const xmlChar *tag)
|
||||
}
|
||||
if (msl_info->content != (char *) NULL)
|
||||
msl_info->content=DestroyString(msl_info->content);
|
||||
+ msl_info->depth--;
|
||||
}
|
||||
|
||||
static void MSLCharacters(void *context,const xmlChar *c,int length)
|
||||
diff --git a/coders/svg.c b/coders/svg.c
|
||||
index ed662770d23..5d042cce85f 100644
|
||||
--- a/coders/svg.c
|
||||
+++ b/coders/svg.c
|
||||
@@ -1250,7 +1250,13 @@ static void SVGStartElement(void *context,const xmlChar *name,
|
||||
name);
|
||||
parser=(xmlParserCtxtPtr) context;
|
||||
svg_info=(SVGInfo *) parser->_private;
|
||||
- svg_info->n++;
|
||||
+ if (svg_info->n++ > MagickMaxRecursionDepth)
|
||||
+ {
|
||||
+ (void) ThrowMagickException(svg_info->exception,GetMagickModule(),
|
||||
+ DrawError,"VectorGraphicsNestedTooDeeply","`%s'",name);
|
||||
+ xmlStopParser((xmlParserCtxtPtr) context);
|
||||
+ return;
|
||||
+ }
|
||||
svg_info->scale=(double *) ResizeQuantumMemory(svg_info->scale,(size_t)
|
||||
svg_info->n+1,sizeof(*svg_info->scale));
|
||||
if (svg_info->scale == (double *) NULL)
|
||||
|
||||
@@ -1,23 +0,0 @@
|
||||
From 204718c2211903949dcfc0df8e65ed066b008dec Mon Sep 17 00:00:00 2001
|
||||
From: Cristy <urban-warrior@imagemagick.org>
|
||||
Date: Fri, 26 Dec 2025 11:22:12 -0500
|
||||
Subject: [PATCH]
|
||||
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7rvh-xqp3-pr8j
|
||||
|
||||
---
|
||||
MagickCore/draw.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/MagickCore/draw.c b/MagickCore/draw.c
|
||||
index efa1b232661..2cdedaffa75 100644
|
||||
--- a/MagickCore/draw.c
|
||||
+++ b/MagickCore/draw.c
|
||||
@@ -5701,6 +5701,7 @@ MagickExport MagickBooleanType DrawPrimitive(Image *image,
|
||||
if ((LocaleCompare(clone_info->magick,"ftp") != 0) &&
|
||||
(LocaleCompare(clone_info->magick,"http") != 0) &&
|
||||
(LocaleCompare(clone_info->magick,"https") != 0) &&
|
||||
+ (LocaleCompare(clone_info->magick,"mvg") != 0) &&
|
||||
(LocaleCompare(clone_info->magick,"vid") != 0))
|
||||
composite_images=ReadImage(clone_info,exception);
|
||||
else
|
||||
|
||||
@@ -1,69 +0,0 @@
|
||||
From 2c08c2311693759153c9aa99a6b2dcb5f985681e Mon Sep 17 00:00:00 2001
|
||||
From: Cristy <urban-warrior@imagemagick.org>
|
||||
Date: Sat, 27 Dec 2025 14:37:23 -0500
|
||||
Subject: [PATCH]
|
||||
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hrh7-j8q2-4qcw
|
||||
|
||||
---
|
||||
coders/svg.c | 27 ++++++++++++++++++++++-----
|
||||
1 file changed, 22 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/coders/svg.c b/coders/svg.c
|
||||
index 5d042cce85f..4ffb7d93e9d 100644
|
||||
--- a/coders/svg.c
|
||||
+++ b/coders/svg.c
|
||||
@@ -1250,13 +1250,14 @@ static void SVGStartElement(void *context,const xmlChar *name,
|
||||
name);
|
||||
parser=(xmlParserCtxtPtr) context;
|
||||
svg_info=(SVGInfo *) parser->_private;
|
||||
- if (svg_info->n++ > MagickMaxRecursionDepth)
|
||||
+ if (svg_info->n >= MagickMaxRecursionDepth)
|
||||
{
|
||||
(void) ThrowMagickException(svg_info->exception,GetMagickModule(),
|
||||
DrawError,"VectorGraphicsNestedTooDeeply","`%s'",name);
|
||||
xmlStopParser((xmlParserCtxtPtr) context);
|
||||
return;
|
||||
}
|
||||
+ svg_info->n++;
|
||||
svg_info->scale=(double *) ResizeQuantumMemory(svg_info->scale,(size_t)
|
||||
svg_info->n+1,sizeof(*svg_info->scale));
|
||||
if (svg_info->scale == (double *) NULL)
|
||||
@@ -4719,17 +4720,33 @@ static MagickBooleanType WriteSVGImage(const ImageInfo *image_info,Image *image,
|
||||
}
|
||||
case PathPrimitive:
|
||||
{
|
||||
- int
|
||||
- number_attributes;
|
||||
+ size_t
|
||||
+ number_attributes,
|
||||
+ quantum;
|
||||
|
||||
(void) GetNextToken(q,&q,extent,token);
|
||||
number_attributes=1;
|
||||
for (p=token; *p != '\0'; p++)
|
||||
if (isalpha((int) ((unsigned char) *p)) != 0)
|
||||
number_attributes++;
|
||||
- if (i > ((ssize_t) number_points-6*BezierQuantum*number_attributes-1))
|
||||
+ if ((6*BezierQuantum) >= (MAGICK_SSIZE_MAX/number_attributes))
|
||||
{
|
||||
- number_points+=(size_t) (6*BezierQuantum*number_attributes);
|
||||
+ (void) ThrowMagickException(exception,GetMagickModule(),
|
||||
+ ResourceLimitError,"MemoryAllocationFailed","`%s'",
|
||||
+ image->filename);
|
||||
+ break;
|
||||
+ }
|
||||
+ quantum=(size_t) 6*BezierQuantum*number_attributes;
|
||||
+ if (number_points >= (MAGICK_SSIZE_MAX-quantum))
|
||||
+ {
|
||||
+ (void) ThrowMagickException(exception,GetMagickModule(),
|
||||
+ ResourceLimitError,"MemoryAllocationFailed","`%s'",
|
||||
+ image->filename);
|
||||
+ break;
|
||||
+ }
|
||||
+ if (i > (ssize_t) (number_points-quantum-1))
|
||||
+ {
|
||||
+ number_points+=(size_t) quantum;
|
||||
primitive_info=(PrimitiveInfo *) ResizeQuantumMemory(primitive_info,
|
||||
number_points,sizeof(*primitive_info));
|
||||
if (primitive_info == (PrimitiveInfo *) NULL)
|
||||
|
||||
@@ -2,7 +2,7 @@ diff -ur ImageMagick-7.1.2-8_fix/config/policy-secure.xml ImageMagick-7.1.2-8_fi
|
||||
--- ImageMagick-7.1.2-8/config/policy-secure.xml 2025-11-06 15:30:11.995056081 +0100
|
||||
+++ ImageMagick-7.1.2-8_fix/config/policy-secure.xml 2025-11-06 15:46:05.605527563 +0100
|
||||
@@ -62,7 +62,7 @@
|
||||
<policy domain="resource" name="disk" value="1GiB"/>
|
||||
<policy domain="resource" name="disk" value="2GiB"/>
|
||||
<!-- Set the maximum length of an image sequence. When this limit is
|
||||
exceeded, an exception is thrown. -->
|
||||
- <policy domain="resource" name="list-length" value="32"/>
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
Index: ImageMagick-7.1.2-3/configure
|
||||
Index: ImageMagick-7.1.2-11/configure
|
||||
===================================================================
|
||||
--- ImageMagick-7.1.2-3.orig/configure
|
||||
+++ ImageMagick-7.1.2-3/configure
|
||||
@@ -37237,7 +37237,9 @@ fi
|
||||
--- ImageMagick-7.1.2-11.orig/configure
|
||||
+++ ImageMagick-7.1.2-11/configure
|
||||
@@ -37253,7 +37253,9 @@ fi
|
||||
|
||||
|
||||
# Subdirectory to place architecture-dependent configuration files
|
||||
|
||||
@@ -1,30 +1,39 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 6 14:56:00 UTC 2026 - Petr Gajdos <pgajdos@suse.com>
|
||||
Mon Jan 19 18:33:04 UTC 2026 - Arjen de Korte <suse+build@de-korte.org>
|
||||
|
||||
- security update
|
||||
- added patches
|
||||
CVE-2025-68618 [bsc#1255821], read a malicious SVG file may result in a DoS attack
|
||||
* ImageMagick-CVE-2025-68618.patch
|
||||
CVE-2025-68950 [bsc#1255822], check for circular references in mvg files may lead to stack overflow
|
||||
* ImageMagick-CVE-2025-68950.patch
|
||||
CVE-2025-69204 [bsc#1255823], an integer overflow can lead to a DoS attack
|
||||
* ImageMagick-CVE-2025-69204.patch
|
||||
- version update to 7.1.2.13
|
||||
* no upstream changelog, see
|
||||
https://github.com/ImageMagick/ImageMagick/compare/7.1.2-12..7.1.2-13
|
||||
- modified patches
|
||||
* ImageMagick-configuration-SUSE.patch (refreshed)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 12 09:09:26 UTC 2025 - Petr Gajdos <pgajdos@suse.com>
|
||||
Tue Jan 6 09:32:47 UTC 2026 - Petr Gajdos <pgajdos@suse.com>
|
||||
|
||||
- security update
|
||||
- added patches
|
||||
CVE-2025-66628 [bsc#1254820], ImageMagick Integer Overflow leading to out of bounds read (32-bit only)
|
||||
* ImageMagick-CVE-2025-66628.patch
|
||||
- version update to 7.1.2.12
|
||||
* no upstream changelog, see
|
||||
https://github.com/ImageMagick/ImageMagick/compare/7.1.2-11..7.1.2-12
|
||||
* fixes CVE-2025-68618 [bsc#1255821]
|
||||
CVE-2025-68950 [bsc#1255822]
|
||||
CVE-2025-69204 [bsc#1255823]
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Dec 10 14:33:36 UTC 2025 - Petr Gajdos <pgajdos@suse.com>
|
||||
Mon Dec 22 08:39:43 UTC 2025 - Petr Gajdos <pgajdos@suse.com>
|
||||
|
||||
- security update
|
||||
- added patches
|
||||
CVE-2025-65955 [bsc#1254435], ImageMagick use-after-free/double-free
|
||||
* ImageMagick-CVE-2025-65955.patch
|
||||
- version update to 7.1.2.11
|
||||
* no upstream changelog, see
|
||||
https://github.com/ImageMagick/ImageMagick/compare/7.1.2-10..7.1.2-11
|
||||
- modified patches
|
||||
* ImageMagick-library-installable-in-parallel.patch (refreshed)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Dec 7 15:06:32 UTC 2025 - Arjen de Korte <suse+build@de-korte.org>
|
||||
|
||||
- version update to 7.1.2.10
|
||||
* no upstream changelog, see
|
||||
https://github.com/ImageMagick/ImageMagick/compare/7.1.2-8..7.1.2-10
|
||||
- fixes CVE-2025-65955 [bsc#1254435]
|
||||
CVE-2025-66628 [bsc#1254820]
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Nov 6 14:37:08 UTC 2025 - Dirk Stoecker <opensuse@dstoecker.de>
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package ImageMagick
|
||||
#
|
||||
# Copyright (c) 2025 SUSE LLC and contributors
|
||||
# Copyright (c) 2026 SUSE LLC and contributors
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@@ -21,7 +21,7 @@
|
||||
%define debug_build 0
|
||||
%define asan_build 0
|
||||
%define mfr_version 7.1.2
|
||||
%define mfr_revision 8
|
||||
%define mfr_revision 13
|
||||
%define quantum_depth 16
|
||||
%define source_version %{mfr_version}-%{mfr_revision}
|
||||
%define clibver 10
|
||||
@@ -54,16 +54,6 @@ Patch1: ImageMagick-configuration-SUSE.patch
|
||||
Patch2: ImageMagick-library-installable-in-parallel.patch
|
||||
# disable failing tests
|
||||
Patch5: ImageMagick-s390x-disable-tests.patch
|
||||
# CVE-2025-65955 [bsc#1254435], ImageMagick use-after-free/double-free
|
||||
Patch6: ImageMagick-CVE-2025-65955.patch
|
||||
# CVE-2025-66628 [bsc#1254820], ImageMagick Integer Overflow leading to out of bounds read (32-bit only)
|
||||
Patch7: ImageMagick-CVE-2025-66628.patch
|
||||
# CVE-2025-68618 [bsc#1255821], read a malicious SVG file may result in a DoS attack
|
||||
Patch8: ImageMagick-CVE-2025-68618.patch
|
||||
# CVE-2025-68950 [bsc#1255822], check for circular references in mvg files may lead to stack overflow
|
||||
Patch9: ImageMagick-CVE-2025-68950.patch
|
||||
# CVE-2025-69204 [bsc#1255823], an integer overflow can lead to a DoS attack
|
||||
Patch10: ImageMagick-CVE-2025-69204.patch
|
||||
|
||||
BuildRequires: chrpath
|
||||
BuildRequires: dejavu-fonts
|
||||
@@ -280,11 +270,6 @@ cp config/policy-secure.xml config/policy.xml
|
||||
%ifarch s390x
|
||||
%patch -P 5 -p1
|
||||
%endif
|
||||
%patch -P 6 -p1
|
||||
%patch -P 7 -p1
|
||||
%patch -P 8 -p1
|
||||
%patch -P 9 -p1
|
||||
%patch -P 10 -p1
|
||||
|
||||
%build
|
||||
# bsc#1088463
|
||||
|
||||
Reference in New Issue
Block a user