diff mbox series

[meta-oe,scarthgap,13/15] imagemagick: patch CVE-2025-57807

Message ID 20260108105317.460246-13-skandigraun@gmail.com
State New
Headers show
Series [meta-oe,scarthgap,01/15] imagemagick: upgrade 7.1.1-26 -> 7.1.1-47 | expand

Commit Message

Gyorgy Sarvari Jan. 8, 2026, 10:53 a.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-57807

Backport the patch that's mentioned in the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../imagemagick/CVE-2025-57807.patch          | 45 +++++++++++++++++++
 .../imagemagick/imagemagick_7.1.1.bb          |  1 +
 2 files changed, 46 insertions(+)
 create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-57807.patch
diff mbox series

Patch

diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-57807.patch b/meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-57807.patch
new file mode 100644
index 0000000000..e3476e6c02
--- /dev/null
+++ b/meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-57807.patch
@@ -0,0 +1,45 @@ 
+From c3c9b87cfde14c543c98aa2358da8d4e915715fd Mon Sep 17 00:00:00 2001
+From: Cristy <urban-warrior@imagemagick.org>
+Date: Sun, 24 Aug 2025 12:32:18 -0400
+Subject: [PATCH] 
+ https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg
+
+CVE: CVE-2025-57807
+Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ MagickCore/blob.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/MagickCore/blob.c b/MagickCore/blob.c
+index d00b0ac57..5ee81a68b 100644
+--- a/MagickCore/blob.c
++++ b/MagickCore/blob.c
+@@ -1630,7 +1630,7 @@ static inline ssize_t WriteBlobStream(Image *image,const size_t length,
+   extent=(MagickSizeType) (blob_info->offset+(MagickOffsetType) length);
+   if (extent >= blob_info->extent)
+     {
+-      extent=blob_info->extent+blob_info->quantum+length;
++      extent+=blob_info->quantum+length;
+       blob_info->quantum<<=1;
+       if (SetBlobExtent(image,extent) == MagickFalse)
+         return(0);
+@@ -5912,12 +5912,15 @@ MagickExport ssize_t WriteBlob(Image *image,const size_t length,
+     }
+     case BlobStream:
+     {
+-      if ((blob_info->offset+(MagickOffsetType) length) >=
+-          (MagickOffsetType) blob_info->extent)
++      MagickSizeType
++        extent;
++
++      extent=(MagickSizeType) (blob_info->offset+(MagickOffsetType) length);
++      if (extent >= blob_info->extent)
+         {
+           if (blob_info->mapped != MagickFalse)
+             return(0);
+-          blob_info->extent+=length+blob_info->quantum;
++          blob_info->extent=extent+blob_info->quantum+length;
+           blob_info->quantum<<=1;
+           blob_info->data=(unsigned char *) ResizeQuantumMemory(
+             blob_info->data,blob_info->extent+1,sizeof(*blob_info->data));
diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1.bb
index 14a9d1eefa..7e40784005 100644
--- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1.bb
+++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1.bb
@@ -22,6 +22,7 @@  SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt
            file://CVE-2025-55160.patch \
            file://CVE-2025-55212.patch \
            file://CVE-2025-57803.patch \
+           file://CVE-2025-57807.patch \
            "
 SRCREV = "82572afc879b439cbf8c9c6f3a9ac7626adf98fb"