| Message ID | 20251120084959.51761-2-Divyanshu.Rathore@bmwtechworks.in |
|---|---|
| State | New |
| Headers | show |
| Series | [meta-oe,kirkstone,01/12] ImageMagick: Fix CVE-2025-53014 | expand |
There is a fuzz in this patch, when I apply it on top of the first patch in this series. Could you please rebase it? Applying patch 0002-ImageMagick-Fix-CVE-2025-53101.patch patching file MagickCore/image.c Hunk #1 succeeded at 1652 (offset 2 lines). Hunk #2 succeeded at 1665 with fuzz 1 (offset 2 lines). On 11/20/25 09:49, Divyanshu Rathore via lists.openembedded.org wrote: > From: Divyanshu Rathore <divyanshu.rathore@bmwtechworks.in> > > Backport the fix for CVE-2025-53101 > > Add below patch to fix > 0002-ImageMagick-Fix-CVE-2025-53101.patch > > Signed-off-by: Divyanshu Rathore <divyanshu.rathore@bmwtechworks.in> > --- > .../0002-ImageMagick-Fix-CVE-2025-53101.patch | 60 +++++++++++++++++++ > .../imagemagick/imagemagick_7.0.10.bb | 1 + > 2 files changed, 61 insertions(+) > create mode 100644 meta-oe/recipes-support/imagemagick/files/0002-ImageMagick-Fix-CVE-2025-53101.patch > > diff --git a/meta-oe/recipes-support/imagemagick/files/0002-ImageMagick-Fix-CVE-2025-53101.patch b/meta-oe/recipes-support/imagemagick/files/0002-ImageMagick-Fix-CVE-2025-53101.patch > new file mode 100644 > index 0000000000..3b31886ae1 > --- /dev/null > +++ b/meta-oe/recipes-support/imagemagick/files/0002-ImageMagick-Fix-CVE-2025-53101.patch > @@ -0,0 +1,60 @@ > +From cb29701ae86c2a5b46bdf705bf0df7db152eda68 Mon Sep 17 00:00:00 2001 > +From: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in> > +Date: Wed, 5 Nov 2025 12:54:53 +0530 > +Subject: [PATCH 6/8] ImageMagick: Fix CVE-2025-53101 > + > +CVE: CVE-2025-53101 > +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/66dc8f51c11b0ae1f1cdeacd381c3e9a4de69774] > +Reference: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9 > + > +Comment: Refreshed hunk to match latest kirkstone > + > +Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in> > +--- > + MagickCore/image.c | 13 +++++++------ > + 1 file changed, 7 insertions(+), 6 deletions(-) > + > +diff --git a/MagickCore/image.c b/MagickCore/image.c > +index 34804e522..bf9d53325 100644 > +--- a/MagickCore/image.c > ++++ b/MagickCore/image.c > +@@ -1650,7 +1650,6 @@ MagickExport size_t InterpretImageFilename(const ImageInfo *image_info, > + *p; > + > + ssize_t > +- field_width, > + offset; > + > + canonical=MagickFalse; > +@@ -1664,21 +1663,23 @@ MagickExport size_t InterpretImageFilename(const ImageInfo *image_info, > + p=q+1; > + continue; > + } > +- field_width=0; > +- if (*q == '0') > +- field_width=(ssize_t) strtol(q,&q,10); > + switch (*q) > + { > + case 'd': > + case 'o': > + case 'x': > + { > ++ ssize_t > ++ count; > ++ > + q++; > + c=(*q); > + *q='\0'; > +- (void) FormatLocaleString(filename+(p-format-offset),(size_t) > ++ count=FormatLocaleString(filename+(p-format-offset),(size_t) > + (MagickPathExtent-(p-format-offset)),p,value); > +- offset+=(4-field_width); > ++ if ((count <= 0) || (count > (MagickPathExtent-(p-format-offset)))) > ++ return(0); > ++ offset+=(ssize_t) ((q-p)-count); > + *q=c; > + (void) ConcatenateMagickString(filename,q,MagickPathExtent); > + canonical=MagickTrue; > +-- > +2.34.1 > + > diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb > index e0d584f165..9744e1e919 100644 > --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb > +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb > @@ -24,6 +24,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt > file://CVE-2023-34474.patch \ > file://CVE-2023-5341.patch \ > file://0001-ImageMagick-Fix-CVE-2025-53014.patch \ > + file://0002-ImageMagick-Fix-CVE-2025-53101.patch \ > " > > SRCREV = "35b4991eb0939a327f3489988c366e21068b0178" > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#121945): https://lists.openembedded.org/g/openembedded-devel/message/121945 > Mute This Topic: https://lists.openembedded.org/mt/116392325/6084445 > Group Owner: openembedded-devel+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [skandigraun@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- >
diff --git a/meta-oe/recipes-support/imagemagick/files/0002-ImageMagick-Fix-CVE-2025-53101.patch b/meta-oe/recipes-support/imagemagick/files/0002-ImageMagick-Fix-CVE-2025-53101.patch new file mode 100644 index 0000000000..3b31886ae1 --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/files/0002-ImageMagick-Fix-CVE-2025-53101.patch @@ -0,0 +1,60 @@ +From cb29701ae86c2a5b46bdf705bf0df7db152eda68 Mon Sep 17 00:00:00 2001 +From: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in> +Date: Wed, 5 Nov 2025 12:54:53 +0530 +Subject: [PATCH 6/8] ImageMagick: Fix CVE-2025-53101 + +CVE: CVE-2025-53101 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/66dc8f51c11b0ae1f1cdeacd381c3e9a4de69774] +Reference: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9 + +Comment: Refreshed hunk to match latest kirkstone + +Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in> +--- + MagickCore/image.c | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git a/MagickCore/image.c b/MagickCore/image.c +index 34804e522..bf9d53325 100644 +--- a/MagickCore/image.c ++++ b/MagickCore/image.c +@@ -1650,7 +1650,6 @@ MagickExport size_t InterpretImageFilename(const ImageInfo *image_info, + *p; + + ssize_t +- field_width, + offset; + + canonical=MagickFalse; +@@ -1664,21 +1663,23 @@ MagickExport size_t InterpretImageFilename(const ImageInfo *image_info, + p=q+1; + continue; + } +- field_width=0; +- if (*q == '0') +- field_width=(ssize_t) strtol(q,&q,10); + switch (*q) + { + case 'd': + case 'o': + case 'x': + { ++ ssize_t ++ count; ++ + q++; + c=(*q); + *q='\0'; +- (void) FormatLocaleString(filename+(p-format-offset),(size_t) ++ count=FormatLocaleString(filename+(p-format-offset),(size_t) + (MagickPathExtent-(p-format-offset)),p,value); +- offset+=(4-field_width); ++ if ((count <= 0) || (count > (MagickPathExtent-(p-format-offset)))) ++ return(0); ++ offset+=(ssize_t) ((q-p)-count); + *q=c; + (void) ConcatenateMagickString(filename,q,MagickPathExtent); + canonical=MagickTrue; +-- +2.34.1 + diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb index e0d584f165..9744e1e919 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb @@ -24,6 +24,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt file://CVE-2023-34474.patch \ file://CVE-2023-5341.patch \ file://0001-ImageMagick-Fix-CVE-2025-53014.patch \ + file://0002-ImageMagick-Fix-CVE-2025-53101.patch \ " SRCREV = "35b4991eb0939a327f3489988c366e21068b0178"