new file mode 100644
@@ -0,0 +1,80 @@
+From ed4ceb060ceb72daeb931c639ae36d10c48b4b83 Mon Sep 17 00:00:00 2001
+From: Cristy <urban-warrior@imagemagick.org>
+Date: Sat, 9 Aug 2025 08:28:23 -0400
+Subject: [PATCH] CVE-2025-55154
+
+https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qp29-wxp5-wh82
+
+CVE: CVE-2025-55154
+Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/db986e4782e9f6cc42a0e50151dc4fe43641b337]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ coders/png.c | 16 ++++++++--------
+ 1 file changed, 8 insertions(+), 8 deletions(-)
+
+diff --git a/coders/png.c b/coders/png.c
+index 9594623e3..46a6720b1 100644
+--- a/coders/png.c
++++ b/coders/png.c
+@@ -6392,19 +6392,19 @@ static Image *ReadOneMNGImage(MngReadInfo* mng_info,
+ mng_info->magn_methy = 1;
+ if (mng_info->magn_methx == 1)
+ {
+- magnified_width=mng_info->magn_ml;
++ magnified_width=(size_t) mng_info->magn_ml;
+
+ if (image->columns > 1)
+ magnified_width += mng_info->magn_mr;
+
+ if (image->columns > 2)
+- magnified_width += (png_uint_32)
++ magnified_width += (size_t)
+ ((image->columns-2)*(mng_info->magn_mx));
+ }
+
+ else
+ {
+- magnified_width=(png_uint_32) image->columns;
++ magnified_width=(size_t) image->columns;
+
+ if (image->columns > 1)
+ magnified_width += mng_info->magn_ml-1;
+@@ -6413,25 +6413,25 @@ static Image *ReadOneMNGImage(MngReadInfo* mng_info,
+ magnified_width += mng_info->magn_mr-1;
+
+ if (image->columns > 3)
+- magnified_width += (png_uint_32)
++ magnified_width += (size_t)
+ ((image->columns-3)*(mng_info->magn_mx-1));
+ }
+
+ if (mng_info->magn_methy == 1)
+ {
+- magnified_height=mng_info->magn_mt;
++ magnified_height=(size_t) mng_info->magn_mt;
+
+ if (image->rows > 1)
+ magnified_height += mng_info->magn_mb;
+
+ if (image->rows > 2)
+- magnified_height += (png_uint_32)
++ magnified_height += (size_t)
+ ((image->rows-2)*(mng_info->magn_my));
+ }
+
+ else
+ {
+- magnified_height=(png_uint_32) image->rows;
++ magnified_height=(size_t) image->rows;
+
+ if (image->rows > 1)
+ magnified_height += mng_info->magn_mt-1;
+@@ -6440,7 +6440,7 @@ static Image *ReadOneMNGImage(MngReadInfo* mng_info,
+ magnified_height += mng_info->magn_mb-1;
+
+ if (image->rows > 3)
+- magnified_height += (png_uint_32)
++ magnified_height += (size_t)
+ ((image->rows-3)*(mng_info->magn_my-1));
+ }
+
@@ -20,6 +20,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt
file://0001-https-github.com-ImageMagick-ImageMagick-security-ad.patch \
file://0001-CVE-2025-55004.patch \
file://0001-CVE-2025-55005.patch \
+ file://0001-CVE-2025-55154.patch \
"
SRCREV = "a2d96f40e707ba54b57e7d98c3277d3ea6611ace"
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55154 Pick the commit that mentions the related github advisory in its commit message. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- .../imagemagick/0001-CVE-2025-55154.patch | 80 +++++++++++++++++++ .../imagemagick/imagemagick_7.1.1-43.bb | 1 + 2 files changed, 81 insertions(+) create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55154.patch