| Message ID | 20260306150602.616834-1-skandigraun@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | [meta-oe,whinlatter,01/11] imagemagick: patch CVE-2026-24481 | expand |
Grrrrr, drop this whole series... I just noticed that Whinlatter is using ImageMagick 7.1.2, and can be just updated... For some reason I was under the impression that it's using the previous version. Sorry for the noise. On 3/6/26 16:05, Gyorgy Sarvari wrote: > Details: https://nvd.nist.gov/vuln/detail/CVE-2026-24481 > > Backport the patch that references the related Github advisory[1] > in its description explicitly. > > [1]: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-96pc-27rx-pr36 > > Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> > --- > .../imagemagick/CVE-2026-24481.patch | 25 +++++++++++++++++++ > .../imagemagick/imagemagick_7.1.2-13.bb | 3 ++- > 2 files changed, 27 insertions(+), 1 deletion(-) > create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-24481.patch > > diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-24481.patch b/meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-24481.patch > new file mode 100644 > index 0000000000..3d35a3f1d6 > --- /dev/null > +++ b/meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-24481.patch > @@ -0,0 +1,25 @@ > +From 6778a890f95971c61a16593abc2cd15376d22cdd Mon Sep 17 00:00:00 2001 > +From: Dirk Lemstra <dirk@lemstra.org> > +Date: Fri, 23 Jan 2026 13:19:06 +0100 > +Subject: [PATCH] Initialize the pixels with empty values to prevent possible > + heap information disclosure (GHSA-96pc-27rx-pr36) > + > +CVE: CVE-2026-24481 > +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/51c9d33f4770cdcfa1a029199375d570af801c97] > +Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> > +--- > + coders/psd.c | 1 + > + 1 file changed, 1 insertion(+) > + > +diff --git a/coders/psd.c b/coders/psd.c > +index 28495c6d5..bb4ceecd6 100644 > +--- a/coders/psd.c > ++++ b/coders/psd.c > +@@ -1334,6 +1334,7 @@ static MagickBooleanType ReadPSDChannelZip(Image *image, > + ThrowBinaryException(ResourceLimitError,"MemoryAllocationFailed", > + image->filename); > + } > ++ memset(pixels,0,count*sizeof(*pixels)); > + if (ReadBlob(image,compact_size,compact_pixels) != (ssize_t) compact_size) > + { > + pixels=(unsigned char *) RelinquishMagickMemory(pixels); > diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.2-13.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.2-13.bb > index e3f4a96d6f..adf65880b6 100644 > --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.2-13.bb > +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.2-13.bb > @@ -15,7 +15,8 @@ UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>([0-9][\.|_|-]?)+)" > SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=https;tag=${PV} \ > file://run-ptest \ > file://imagemagick-ptest.sh \ > -" > + file://CVE-2026-24481.patch \ > + " > > SRCREV = "dd991e286b96918917a3392d6dc3ffc0e6907a4e" >
diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-24481.patch b/meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-24481.patch new file mode 100644 index 0000000000..3d35a3f1d6 --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-24481.patch @@ -0,0 +1,25 @@ +From 6778a890f95971c61a16593abc2cd15376d22cdd Mon Sep 17 00:00:00 2001 +From: Dirk Lemstra <dirk@lemstra.org> +Date: Fri, 23 Jan 2026 13:19:06 +0100 +Subject: [PATCH] Initialize the pixels with empty values to prevent possible + heap information disclosure (GHSA-96pc-27rx-pr36) + +CVE: CVE-2026-24481 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/51c9d33f4770cdcfa1a029199375d570af801c97] +Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> +--- + coders/psd.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/coders/psd.c b/coders/psd.c +index 28495c6d5..bb4ceecd6 100644 +--- a/coders/psd.c ++++ b/coders/psd.c +@@ -1334,6 +1334,7 @@ static MagickBooleanType ReadPSDChannelZip(Image *image, + ThrowBinaryException(ResourceLimitError,"MemoryAllocationFailed", + image->filename); + } ++ memset(pixels,0,count*sizeof(*pixels)); + if (ReadBlob(image,compact_size,compact_pixels) != (ssize_t) compact_size) + { + pixels=(unsigned char *) RelinquishMagickMemory(pixels); diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.2-13.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.2-13.bb index e3f4a96d6f..adf65880b6 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.2-13.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.2-13.bb @@ -15,7 +15,8 @@ UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>([0-9][\.|_|-]?)+)" SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=https;tag=${PV} \ file://run-ptest \ file://imagemagick-ptest.sh \ -" + file://CVE-2026-24481.patch \ + " SRCREV = "dd991e286b96918917a3392d6dc3ffc0e6907a4e"
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-24481 Backport the patch that references the related Github advisory[1] in its description explicitly. [1]: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-96pc-27rx-pr36 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> --- .../imagemagick/CVE-2026-24481.patch | 25 +++++++++++++++++++ .../imagemagick/imagemagick_7.1.2-13.bb | 3 ++- 2 files changed, 27 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/CVE-2026-24481.patch