From patchwork Wed Oct 8 20:59:04 2025
X-Patchwork-Submitter: Gyorgy Sarvari
X-Patchwork-Id: 71870
From: Gyorgy Sarvari
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][walnascar][PATCH 01/11] imagemagick: patch CVE-2025-53014
Date: Wed, 8 Oct 2025 22:59:04 +0200
Message-ID: <20251008205914.598660-1-skandigraun@gmail.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120384

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53014

Pick the patch mentioned in the related Github advisory.

Signed-off-by: Gyorgy Sarvari
--- ...-out-of-bounds-read-of-a-single-byte.patch | 25 +++++++++++++++++++ .../imagemagick/imagemagick_7.1.1-43.bb | 4 ++- 2 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0001-Correct-out-of-bounds-read-of-a-single-byte.patch diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/0001-Correct-out-of-bounds-read-of-a-single-byte.patch b/meta-oe/recipes-support/imagemagick/imagemagick/0001-Correct-out-of-bounds-read-of-a-single-byte.patch new file mode 100644 index 0000000000..c7efd155b8 --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/0001-Correct-out-of-bounds-read-of-a-single-byte.patch
@@ -0,0 +1,25 @@ +From 702a3003f5bcf76ea73d69f4cf8a24da2ef97a4a Mon Sep 17 00:00:00 2001 +From: Dirk Lemstra +Date: Thu, 26 Jun 2025 23:01:07 +0200 +Subject: [PATCH] Correct out of bounds read of a single byte. + +CVE: CVE-2025-53014 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/29d82726c7ec20c07c49ba263bdcea16c2618e03] +Signed-off-by: Gyorgy Sarvari +--- + MagickCore/image.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/MagickCore/image.c b/MagickCore/image.c +index 39d302875..03a5972d0 100644 +--- a/MagickCore/image.c ++++ b/MagickCore/image.c +@@ -1678,7 +1678,7 @@ MagickExport size_t InterpretImageFilename(const ImageInfo *image_info, + q=(char *) p+1; + if (*q == '%') + { +- p=q+1; ++ p++; + continue; + } + field_width=0; diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb index a892a55844..56f60716ba 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb 
@@ -12,7 +12,9 @@ DEPENDS = "lcms bzip2 jpeg libpng tiff zlib fftw freetype libtool" BASE_PV = "${@d.getVar('PV').split('-')[0]}" UPSTREAM_CHECK_GITTAGREGEX = "(?P([0-9][\.|_|-]?)+)" -SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=https" +SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=https \ + file://0001-Correct-out-of-bounds-read-of-a-single-byte.patch \ + " SRCREV = "a2d96f40e707ba54b57e7d98c3277d3ea6611ace" S = "${WORKDIR}/git"
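Review bot: in the `*q == '%'` branch of InterpretImageFilename() the fix replaces `p=q+1` with `p++`, so `p` now stops on the second `%` instead of one byte past it, and whether that closes the out-of-bounds read depends on how the enclosing loop advances `p`, which the three context lines do not show. The commit message refers to "the related Github advisory" without a link; adding the advisory URL beside the NVD one would let a reader check this one-line change against the upstream description without searching for it.
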
From: Gyorgy Sarvari
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][walnascar][PATCH 02/11] imagemagick: patch CVE-2025-53015
Date: Wed, 8 Oct 2025 22:59:05 +0200
Message-ID: <20251008205914.598660-2-skandigraun@gmail.com>
In-Reply-To: <20251008205914.598660-1-skandigraun@gmail.com>
References: <20251008205914.598660-1-skandigraun@gmail.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120385

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53015

Pick the patches that are mentioned in the relevant github advisory.

Signed-off-by: Gyorgy Sarvari
--- ...ks-to-make-sure-we-don-t-get-stuck-i.patch | 48 +++++++++++++++++++ .../0002-Added-missing-return.patch | 24 ++++++++++ .../imagemagick/imagemagick_7.1.1-43.bb | 2 + 3 files changed, 74 insertions(+) create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0001-Added-extra-checks-to-make-sure-we-don-t-get-stuck-i.patch create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0002-Added-missing-return.patch diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/0001-Added-extra-checks-to-make-sure-we-don-t-get-stuck-i.patch b/meta-oe/recipes-support/imagemagick/imagemagick/0001-Added-extra-checks-to-make-sure-we-don-t-get-stuck-i.patch new file mode 100644 index 0000000000..6c15f43134 --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/0001-Added-extra-checks-to-make-sure-we-don-t-get-stuck-i.patch
@@ -0,0 +1,48 @@ +From aae092a403bc79933c081c6be1be1315cb231de9 Mon Sep 17 00:00:00 2001 +From: Dirk Lemstra +Date: Fri, 2 May 2025 18:33:17 +0200 +Subject: [PATCH] Added extra checks to make sure we don't get stuck in the + while loop. + +CVE: CVE-2025-53015 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/229fa96a988a21d78318bbca61245a6ed1ee33a0] +Signed-off-by: Gyorgy Sarvari +--- + MagickCore/image-private.h | 1 + + MagickCore/profile.c | 11 +++++++++++ + 2 files changed, 12 insertions(+) + +diff --git a/MagickCore/image-private.h b/MagickCore/image-private.h +index aa48b3cb5..a7cd99ccb 100644 +--- a/MagickCore/image-private.h ++++ b/MagickCore/image-private.h +@@ -52,6 +52,7 @@ extern "C" { + #define MAGICK_SIZE_MAX (SIZE_MAX) + #define MAGICK_SSIZE_MAX (SSIZE_MAX) + #define MAGICK_SSIZE_MIN (-SSIZE_MAX-1) ++#define MAGICK_ULONG_MAX (ULONG_MAX) + #define MatteColor "#bdbdbd" /* gray */ + #define MatteColorRGBA ScaleShortToQuantum(0xbdbd),\ + ScaleShortToQuantum(0xbdbd),ScaleShortToQuantum(0xbdbd),OpaqueAlpha +diff --git a/MagickCore/profile.c b/MagickCore/profile.c +index 7eea1d32f..85c180118 100644 +--- a/MagickCore/profile.c ++++ b/MagickCore/profile.c +@@ -2571,6 +2571,17 @@ static void GetXmpNumeratorAndDenominator(double value, + *denominator=1; + if (value <= MagickEpsilon) + return; ++ if (value > (double) MAGICK_ULONG_MAX) ++ { ++ *numerator = MAGICK_ULONG_MAX; ++ *denominator = 1; ++ return; ++ } ++ if (floor(value) == value) ++ { ++ *numerator = (unsigned long) value; ++ *denominator = 1; ++ } + *numerator=1; + df=1.0; + while(fabs(df - value) > MagickEpsilon) diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/0002-Added-missing-return.patch b/meta-oe/recipes-support/imagemagick/imagemagick/0002-Added-missing-return.patch new file mode 100644 index 0000000000..def4fc881f --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/0002-Added-missing-return.patch 
@@ -0,0 +1,24 @@ +From a574c6ffa818e91772a3bd37649f552b62cd416e Mon Sep 17 00:00:00 2001 +From: Dirk Lemstra +Date: Mon, 12 May 2025 22:23:48 +0200 +Subject: [PATCH] Added missing return. + +CVE: CVE-2025-53015 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/38631605e6ab744548a561797472cf8648bcfe26] +Signed-off-by: Gyorgy Sarvari +--- + MagickCore/profile.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/MagickCore/profile.c b/MagickCore/profile.c +index 85c180118..a68e54f14 100644 +--- a/MagickCore/profile.c ++++ b/MagickCore/profile.c +@@ -2581,6 +2581,7 @@ static void GetXmpNumeratorAndDenominator(double value, + { + *numerator = (unsigned long) value; + *denominator = 1; ++ return; + } + *numerator=1; + df=1.0; diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb index 56f60716ba..64e81170bf 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb 
@@ -14,6 +14,8 @@ UPSTREAM_CHECK_GITTAGREGEX = "(?P([0-9][\.|_|-]?)+)" SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=https \ file://0001-Correct-out-of-bounds-read-of-a-single-byte.patch \ + file://0001-Added-extra-checks-to-make-sure-we-don-t-get-stuck-i.patch \ + file://0002-Added-missing-return.patch \ " SRCREV = "a2d96f40e707ba54b57e7d98c3277d3ea6611ace"
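Review bot: the new guard `if (value > (double) MAGICK_ULONG_MAX)` in GetXmpNumeratorAndDenominator() (MagickCore/profile.c hunk of the first embedded patch) misses the boundary value where `unsigned long` is 64 bits wide, because `(double) MAGICK_ULONG_MAX` rounds up to a value that `unsigned long` cannot hold. An input equal to that rounded value fails the `>` test, passes `floor(value) == value`, and reaches `*numerator = (unsigned long) value` with an out-of-range conversion. Using `>=` in the guard would cover it; since this is a backport, that is a point to raise upstream rather than change locally.
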
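Review bot: the `floor(value) == value` block only returns once 0002-Added-missing-return.patch is applied; with 0001-Added-extra-checks-to-make-sure-we-don-t-get-stuck-i.patch alone, the integer result is overwritten by the following `*numerator=1;` and execution still enters the `while` loop the CVE is about. The two SRC_URI entries therefore have to stay together and in this order. Squashing them into one file named after CVE-2025-53015, or a comment line above them in the recipe, would make that dependency visible to whoever next rebases the patch list.
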
From: Gyorgy Sarvari
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][walnascar][PATCH 03/11] imagemagick: patch CVE-2025-53019
Date: Wed, 8 Oct 2025 22:59:06 +0200
Message-ID: <20251008205914.598660-3-skandigraun@gmail.com>
In-Reply-To: <20251008205914.598660-1-skandigraun@gmail.com>
References: <20251008205914.598660-1-skandigraun@gmail.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120386

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53019

Pick the patch mentioned in the related github advisory.

Signed-off-by: Gyorgy Sarvari
--- ...k-when-entering-StreamImage-multiple.patch | 26 +++++++++++++++++++ .../imagemagick/imagemagick_7.1.1-43.bb | 1 + 2 files changed, 27 insertions(+) create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0001-Fixed-memory-leak-when-entering-StreamImage-multiple.patch diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/0001-Fixed-memory-leak-when-entering-StreamImage-multiple.patch b/meta-oe/recipes-support/imagemagick/imagemagick/0001-Fixed-memory-leak-when-entering-StreamImage-multiple.patch new file mode 100644 index 0000000000..b40dd2c9a0 --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/0001-Fixed-memory-leak-when-entering-StreamImage-multiple.patch
@@ -0,0 +1,26 @@ +From 8afe85d586b15b3b09c5c3c86a6d62b53ab8899e Mon Sep 17 00:00:00 2001 +From: Dirk Lemstra +Date: Fri, 27 Jun 2025 14:51:57 +0200 +Subject: [PATCH] Fixed memory leak when entering StreamImage multiple times. + +CVE: CVE-2025-53019 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/fc3ab0812edef903bbb2473c0ee652ddfd04fe5c] +Signed-off-by: Gyorgy Sarvari +--- + MagickCore/stream.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/MagickCore/stream.c b/MagickCore/stream.c +index 786dabb52..22a0c9eee 100644 +--- a/MagickCore/stream.c ++++ b/MagickCore/stream.c +@@ -1321,7 +1321,8 @@ MagickExport Image *StreamImage(const ImageInfo *image_info, + image_info->filename); + read_info=CloneImageInfo(image_info); + stream_info->image_info=image_info; +- stream_info->quantum_info=AcquireQuantumInfo(image_info,(Image *) NULL); ++ if (stream_info->quantum_info == (QuantumInfo *) NULL) ++ stream_info->quantum_info=AcquireQuantumInfo(image_info,(Image *) NULL); + if (stream_info->quantum_info == (QuantumInfo *) NULL) + { + read_info=DestroyImageInfo(read_info); diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb index 64e81170bf..2f77a777a3 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb 
@@ -16,6 +16,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt file://0001-Correct-out-of-bounds-read-of-a-single-byte.patch \ file://0001-Added-extra-checks-to-make-sure-we-don-t-get-stuck-i.patch \ file://0002-Added-missing-return.patch \ + file://0001-Fixed-memory-leak-when-entering-StreamImage-multiple.patch \ " SRCREV = "a2d96f40e707ba54b57e7d98c3277d3ea6611ace"
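Review bot: with the new `if (stream_info->quantum_info == (QuantumInfo *) NULL)` guard in StreamImage(), a second call keeps the QuantumInfo that was acquired for the earlier `image_info`, while the line just above still overwrites `stream_info->image_info` with the new one. The leak is gone, but the hunk does not show anything that keeps the reused object consistent with the ImageInfo now stored next to it. The commit message should state that re-entry always happens with equivalent settings; if that is not guaranteed, destroying the old QuantumInfo and acquiring a fresh one would fix the leak without reusing stale state.
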
From: Gyorgy Sarvari
To: openembedded-devel@lists.openembedded.org
Subject: [meta-oe][walnascar][PATCH 04/11] imagemagick: patch CVE-2025-53101
Date: Wed, 8 Oct 2025 22:59:07 +0200
Message-ID: <20251008205914.598660-4-skandigraun@gmail.com>
In-Reply-To: <20251008205914.598660-1-skandigraun@gmail.com>
References: <20251008205914.598660-1-skandigraun@gmail.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120387

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-53101

Pick the patch mentioned in the details of the above link.

Signed-off-by: Gyorgy Sarvari
--- ...-ImageMagick-ImageMagick-security-ad.patch | 52 +++++++++++++++++++ .../imagemagick/imagemagick_7.1.1-43.bb | 1 + 2 files changed, 53 insertions(+) create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0001-https-github.com-ImageMagick-ImageMagick-security-ad.patch diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/0001-https-github.com-ImageMagick-ImageMagick-security-ad.patch b/meta-oe/recipes-support/imagemagick/imagemagick/0001-https-github.com-ImageMagick-ImageMagick-security-ad.patch new file mode 100644 index 0000000000..48c3fff35c --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/0001-https-github.com-ImageMagick-ImageMagick-security-ad.patch
@@ -0,0 +1,52 @@ +From 0afb803b504b572f3dc654ac4e39e5bd8df7ee03 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Fri, 27 Jun 2025 20:02:12 -0400 +Subject: [PATCH] + https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9 + +CVE: CVE-2025-53101 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/66dc8f51c11b0ae1f1cdeacd381c3e9a4de69774] +Signed-off-by: Gyorgy Sarvari +--- + MagickCore/image.c | 11 +++++------ + 1 file changed, 5 insertions(+), 6 deletions(-) + +diff --git a/MagickCore/image.c b/MagickCore/image.c +index 03a5972d0..abca0a9ae 100644 +--- a/MagickCore/image.c ++++ b/MagickCore/image.c +@@ -1665,7 +1665,6 @@ MagickExport size_t InterpretImageFilename(const ImageInfo *image_info, + canonical; + + ssize_t +- field_width, + offset; + + canonical=MagickFalse; +@@ -1681,21 +1680,21 @@ MagickExport size_t InterpretImageFilename(const ImageInfo *image_info, + p++; + continue; + } +- field_width=0; +- if (*q == '0') +- field_width=(ssize_t) strtol(q,&q,10); + switch (*q) + { + case 'd': + case 'o': + case 'x': + { ++ ssize_t count; + q++; + c=(*q); + *q='\0'; +- (void) FormatLocaleString(filename+(p-format-offset),(size_t) ++ count=FormatLocaleString(filename+(p-format-offset),(size_t) + (MagickPathExtent-(p-format-offset)),p,value); +- offset+=(4-field_width); ++ if ((count <= 0) || (count > (MagickPathExtent-(p-format-offset)))) ++ return(0); ++ offset+=(ssize_t) ((q-p)-count); + *q=c; + (void) ConcatenateMagickString(filename,q,MagickPathExtent); + canonical=MagickTrue; diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb index 2f77a777a3..b4990fd5a3 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb 
@@ -17,6 +17,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt file://0001-Added-extra-checks-to-make-sure-we-don-t-get-stuck-i.patch \ file://0002-Added-missing-return.patch \ file://0001-Fixed-memory-leak-when-entering-StreamImage-multiple.patch \ + file://0001-https-github.com-ImageMagick-ImageMagick-security-ad.patch \ " SRCREV = "a2d96f40e707ba54b57e7d98c3277d3ea6611ace"
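Review bot: in the `case 'd'`/`'o'`/`'x'` block of InterpretImageFilename() the new range check on `count` runs only after FormatLocaleString() has already been called with destination `filename+(p-format-offset)` and size `(size_t) (MagickPathExtent-(p-format-offset))`, and nothing in the hunk verifies that this difference is positive before the cast. Computing the remaining space once into a signed local and returning 0 when it is not greater than zero, ahead of the call, would validate the write position instead of only its result. The same local could then be reused in the `count > ...` comparison.
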
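Review bot: the file name added to SRC_URI, `0001-https-github.com-ImageMagick-ImageMagick-security-ad.patch`, says nothing about what it fixes because the upstream subject is a bare advisory URL; naming it after the CVE, as patch 05/11 does with `0001-CVE-2025-55004.patch`, would keep the recipe readable. The embedded patch is also generated on top of patch 01/11: its MagickCore/image.c pre-image `03a5972d0` is that patch's post-image and its context already contains `p++;`. It therefore has to stay after `0001-Correct-out-of-bounds-read-of-a-single-byte.patch` in SRC_URI, which is worth saying in the commit message.
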
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][walnascar][PATCH 05/11] imagemagick: patch CVE-2025-55004 Date: Wed, 8 Oct 2025 22:59:08 +0200 Message-ID: <20251008205914.598660-5-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251008205914.598660-1-skandigraun@gmail.com> References: <20251008205914.598660-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 08 Oct 2025 20:59:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120388 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55004 Pick the patch that mentions the relevant github advisory in its commit message. Signed-off-by: Gyorgy Sarvari --- .../imagemagick/0001-CVE-2025-55004.patch | 64 +++++++++++++++++++ .../imagemagick/imagemagick_7.1.1-43.bb | 1 + 2 files changed, 65 insertions(+) create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55004.patch diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55004.patch b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55004.patch new file mode 100644 index 0000000000..8a326de900 --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55004.patch 
@@ -0,0 +1,64 @@ +From 2c850f4136e8972244f21ba2eb2db9397784d479 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Thu, 7 Aug 2025 19:14:00 -0400 +Subject: [PATCH] CVE-2025-55004 + +CVE: CVE-2025-55004 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/55d97055e00a7bc7ae2776c99824002fbb4a72aa] +Signed-off-by: Gyorgy Sarvari +--- + coders/png.c | 33 ++++++++++----------------------- + 1 file changed, 10 insertions(+), 23 deletions(-) + +diff --git a/coders/png.c b/coders/png.c +index ad756e8ed..9594623e3 100644 +--- a/coders/png.c ++++ b/coders/png.c +@@ -4779,37 +4779,24 @@ static Image *ReadOneJNGImage(MngReadInfo *mng_info, + jng_image=ReadImage(alpha_image_info,exception); + + if (jng_image != (Image *) NULL) +- for (y=0; y < (ssize_t) image->rows; y++) + { +- s=GetVirtualPixels(jng_image,0,y,image->columns,1,exception); +- q=GetAuthenticPixels(image,0,y,image->columns,1,exception); +- if ((s == (const Quantum *) NULL) || (q == (Quantum *) NULL)) +- break; ++ image->alpha_trait=BlendPixelTrait; ++ for (y=0; y < (ssize_t) image->rows; y++) ++ { ++ s=GetVirtualPixels(jng_image,0,y,image->columns,1,exception); ++ q=GetAuthenticPixels(image,0,y,image->columns,1,exception); ++ if ((s == (const Quantum *) NULL) || (q == (Quantum *) NULL)) ++ break; + +- if (image->alpha_trait != UndefinedPixelTrait) + for (x=(ssize_t) image->columns; x != 0; x--) + { + SetPixelAlpha(image,GetPixelRed(jng_image,s),q); + q+=(ptrdiff_t) GetPixelChannels(image); + s+=(ptrdiff_t) GetPixelChannels(jng_image); + } +- +- else +- for (x=(ssize_t) image->columns; x != 0; x--) +- { +- Quantum +- alpha; +- +- alpha=GetPixelRed(jng_image,s); +- SetPixelAlpha(image,alpha,q); +- if (alpha != OpaqueAlpha) +- image->alpha_trait=BlendPixelTrait; +- q+=(ptrdiff_t) GetPixelChannels(image); +- s+=(ptrdiff_t) GetPixelChannels(jng_image); +- } +- +- if (SyncAuthenticPixels(image,exception) == MagickFalse) +- break; ++ if (SyncAuthenticPixels(image,exception) == MagickFalse) ++ break; 
++ } + } + (void) RelinquishUniqueFileResource(alpha_image->filename); + alpha_image=DestroyImageList(alpha_image); diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb index b4990fd5a3..570d162fd4 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb 
@@ -18,6 +18,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt file://0002-Added-missing-return.patch \ file://0001-Fixed-memory-leak-when-entering-StreamImage-multiple.patch \ file://0001-https-github.com-ImageMagick-ImageMagick-security-ad.patch \ + file://0001-CVE-2025-55004.patch \ " SRCREV = "a2d96f40e707ba54b57e7d98c3277d3ea6611ace"
From patchwork Wed Oct 8 20:59:09 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71877
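Review bot: the embedded 0001-CVE-2025-55004.patch header carries only the CVE: and Upstream-Status: tags, while the cover text says the picked commit mentions the GitHub advisory in its message; add the advisory URL to the patch description so the backport can be traced to it. In the ReadOneJNGImage hunk of coders/png.c, image->alpha_trait=BlendPixelTrait is now set before the row loop, and the loop still leaves through break when GetVirtualPixels or GetAuthenticPixels returns NULL or SyncAuthenticPixels fails, so a partially read alpha image ends up flagged as blended with the remaining rows' alpha never set. Worth confirming that this matches upstream 55d97055e00a7bc7ae2776c99824002fbb4a72aa and is intended.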
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][walnascar][PATCH 06/11] imagemagick: patch CVE-2025-55005 Date: Wed, 8 Oct 2025 22:59:09 +0200 Message-ID: <20251008205914.598660-6-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251008205914.598660-1-skandigraun@gmail.com> References: <20251008205914.598660-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 08 Oct 2025 20:59:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120389 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55005 Pick the patch that mentions the relevant github advisory in its commit message. Signed-off-by: Gyorgy Sarvari --- .../imagemagick/0001-CVE-2025-55005.patch | 36 +++++++++++++++++++ .../imagemagick/imagemagick_7.1.1-43.bb | 1 + 2 files changed, 37 insertions(+) create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55005.patch diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55005.patch b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55005.patch new file mode 100644 index 0000000000..7f7b5537d4 --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55005.patch 
@@ -0,0 +1,36 @@ +From 75a044ff3d4b356a5a4c2100b907c3fadcd20ef5 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Thu, 7 Aug 2025 22:05:10 -0400 +Subject: [PATCH] CVE-2025-55005 + +https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v393-38qx-v8fp + +CVE: CVE-2025-55005 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/b68bb6d3cfe472d5bd9329b4172e2e4f63d90a57] + +Signed-off-by: Gyorgy Sarvari +--- + MagickCore/colorspace.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/MagickCore/colorspace.c b/MagickCore/colorspace.c +index baeeb43dd..e18009f30 100644 +--- a/MagickCore/colorspace.c ++++ b/MagickCore/colorspace.c +@@ -2397,10 +2397,16 @@ static MagickBooleanType TransformsRGBImage(Image *image, + value=GetImageProperty(image,"reference-black",exception); + if (value != (const char *) NULL) + reference_black=StringToDouble(value,(char **) NULL); ++ if (reference_black > 1024.0) ++ reference_black=1024.0; + reference_white=ReferenceWhite; + value=GetImageProperty(image,"reference-white",exception); + if (value != (const char *) NULL) + reference_white=StringToDouble(value,(char **) NULL); ++ if (reference_white > 1024.0) ++ reference_white=1024.0; ++ if (reference_black > reference_white) ++ reference_black=reference_white; + logmap=(Quantum *) AcquireQuantumMemory((size_t) MaxMap+1UL, + sizeof(*logmap)); + if (logmap == (Quantum *) NULL) diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb index 570d162fd4..690f3d27aa 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb 
@@ -19,6 +19,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt file://0001-Fixed-memory-leak-when-entering-StreamImage-multiple.patch \ file://0001-https-github.com-ImageMagick-ImageMagick-security-ad.patch \ file://0001-CVE-2025-55004.patch \ + file://0001-CVE-2025-55005.patch \ " SRCREV = "a2d96f40e707ba54b57e7d98c3277d3ea6611ace"
From patchwork Wed Oct 8 20:59:10 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71876
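Review bot: in the TransformsRGBImage hunk of 0001-CVE-2025-55005.patch the new checks bound reference_black and reference_white only from above (> 1024.0), so a negative value, or a NaN if StringToDouble yields one for the property string (every comparison with NaN is false), passes all three tests unchanged. If the logmap code that follows indexes or divides by these values, a lower bound is needed as well, for example clamping to 0.0. The hunk also permits reference_black == reference_white, which should be checked against any division by their difference further down. The literal 1024.0 would benefit from a comment saying where the limit comes from.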
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][walnascar][PATCH 07/11] imagemagick: patch CVE-2025-55154 Date: Wed, 8 Oct 2025 22:59:10 +0200 Message-ID: <20251008205914.598660-7-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251008205914.598660-1-skandigraun@gmail.com> References: <20251008205914.598660-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 08 Oct 2025 20:59:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120390 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55154 Pick the commit that mentions the related github advisory in its commit message. Signed-off-by: Gyorgy Sarvari --- .../imagemagick/0001-CVE-2025-55154.patch | 80 +++++++++++++++++++ .../imagemagick/imagemagick_7.1.1-43.bb | 1 + 2 files changed, 81 insertions(+) create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55154.patch diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55154.patch b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55154.patch new file mode 100644 index 0000000000..9092d58d55 --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55154.patch 
@@ -0,0 +1,80 @@ +From ed4ceb060ceb72daeb931c639ae36d10c48b4b83 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Sat, 9 Aug 2025 08:28:23 -0400 +Subject: [PATCH] CVE-2025-55154 + +https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qp29-wxp5-wh82 + +CVE: CVE-2025-55154 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/db986e4782e9f6cc42a0e50151dc4fe43641b337] +Signed-off-by: Gyorgy Sarvari +--- + coders/png.c | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +diff --git a/coders/png.c b/coders/png.c +index 9594623e3..46a6720b1 100644 +--- a/coders/png.c ++++ b/coders/png.c +@@ -6392,19 +6392,19 @@ static Image *ReadOneMNGImage(MngReadInfo* mng_info, + mng_info->magn_methy = 1; + if (mng_info->magn_methx == 1) + { +- magnified_width=mng_info->magn_ml; ++ magnified_width=(size_t) mng_info->magn_ml; + + if (image->columns > 1) + magnified_width += mng_info->magn_mr; + + if (image->columns > 2) +- magnified_width += (png_uint_32) ++ magnified_width += (size_t) + ((image->columns-2)*(mng_info->magn_mx)); + } + + else + { +- magnified_width=(png_uint_32) image->columns; ++ magnified_width=(size_t) image->columns; + + if (image->columns > 1) + magnified_width += mng_info->magn_ml-1; +@@ -6413,25 +6413,25 @@ static Image *ReadOneMNGImage(MngReadInfo* mng_info, + magnified_width += mng_info->magn_mr-1; + + if (image->columns > 3) +- magnified_width += (png_uint_32) ++ magnified_width += (size_t) + ((image->columns-3)*(mng_info->magn_mx-1)); + } + + if (mng_info->magn_methy == 1) + { +- magnified_height=mng_info->magn_mt; ++ magnified_height=(size_t) mng_info->magn_mt; + + if (image->rows > 1) + magnified_height += mng_info->magn_mb; + + if (image->rows > 2) +- magnified_height += (png_uint_32) ++ magnified_height += (size_t) + ((image->rows-2)*(mng_info->magn_my)); + } + + else + { +- magnified_height=(png_uint_32) image->rows; ++ magnified_height=(size_t) image->rows; + + if (image->rows > 1) + 
magnified_height += mng_info->magn_mt-1; +@@ -6440,7 +6440,7 @@ static Image *ReadOneMNGImage(MngReadInfo* mng_info, + magnified_height += mng_info->magn_mb-1; + + if (image->rows > 3) +- magnified_height += (png_uint_32) ++ magnified_height += (size_t) + ((image->rows-3)*(mng_info->magn_my-1)); + } + diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb index 690f3d27aa..cca4c8ff1b 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb 
@@ -20,6 +20,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt file://0001-https-github.com-ImageMagick-ImageMagick-security-ad.patch \ file://0001-CVE-2025-55004.patch \ file://0001-CVE-2025-55005.patch \ + file://0001-CVE-2025-55154.patch \ " SRCREV = "a2d96f40e707ba54b57e7d98c3277d3ea6611ace"
From patchwork Wed Oct 8 20:59:11 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71878
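Review bot: the ReadOneMNGImage hunks of 0001-CVE-2025-55154.patch change only the casts from (png_uint_32) to (size_t); the declarations of magnified_width and magnified_height are not in the hunks, so the fix is effective only if both are already size_t in 7.1.1-43. Please confirm that, since assigning the size_t sum to a png_uint_32 variable would truncate it again. On 32-bit targets size_t is 32 bits wide, so (image->columns-2)*(mng_info->magn_mx) and the matching rows expression can still wrap there; an explicit upper bound on the magnified dimensions would cover both cases.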
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][walnascar][PATCH 08/11] imagemagick: patch CVE-2025-55160 Date: Wed, 8 Oct 2025 22:59:11 +0200 Message-ID: <20251008205914.598660-8-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251008205914.598660-1-skandigraun@gmail.com> References: <20251008205914.598660-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 08 Oct 2025 20:59:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120391 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55160 Pick the commit that mentions the related github advisory in its commit message. Signed-off-by: Gyorgy Sarvari --- .../imagemagick/0001-CVE-2025-55160.patch | 161 ++++++++++++++++++ .../imagemagick/imagemagick_7.1.1-43.bb | 1 + 2 files changed, 162 insertions(+) create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55160.patch diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55160.patch b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55160.patch new file mode 100644 index 0000000000..c9fbeb907a --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55160.patch 
@@ -0,0 +1,161 @@ +From 0d03196a77a14c124c4d5c7b817c67a448251731 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Sun, 10 Aug 2025 08:28:28 -0400 +Subject: [PATCH] CVE-2025-55160 + +https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6hgw-6x87-578x + +CVE: CVE-2025-55160 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/63d8769dd6a8f32f4096c71be9e08a2c081e47da] + +Signed-off-by: Gyorgy Sarvari +--- + MagickCore/artifact.c | 17 ++++++++++++++++- + MagickCore/option.c | 17 ++++++++++++++++- + MagickCore/profile.c | 19 ++++++++++++++++++- + MagickCore/property.c | 18 ++++++++++++++++-- + 4 files changed, 66 insertions(+), 5 deletions(-) + +diff --git a/MagickCore/artifact.c b/MagickCore/artifact.c +index dae6aaaf0..764ef75a4 100644 +--- a/MagickCore/artifact.c ++++ b/MagickCore/artifact.c +@@ -99,6 +99,21 @@ + % o clone_image: the source image for artifacts to clone. + % + */ ++ ++typedef char ++ *(*CloneKeyFunc)(const char *), ++ *(*CloneValueFunc)(const char *); ++ ++static inline void *CloneArtifactKey(void *key) ++{ ++ return((void *) ((CloneKeyFunc) ConstantString)((const char *) key)); ++} ++ ++static inline void *CloneArtifactValue(void *value) ++{ ++ return((void *) ((CloneValueFunc) ConstantString)((const char *) value)); ++} ++ + MagickExport MagickBooleanType CloneImageArtifacts(Image *image, + const Image *clone_image) + { +@@ -117,7 +132,7 @@ MagickExport MagickBooleanType CloneImageArtifacts(Image *image, + if (image->artifacts != (void *) NULL) + DestroyImageArtifacts(image); + image->artifacts=CloneSplayTree((SplayTreeInfo *) clone_image->artifacts, +- (void *(*)(void *)) ConstantString,(void *(*)(void *)) ConstantString); ++ CloneArtifactKey,CloneArtifactValue); + } + return(MagickTrue); + } +diff --git a/MagickCore/option.c b/MagickCore/option.c +index 6774334d3..e60cd878b 100644 +--- a/MagickCore/option.c ++++ b/MagickCore/option.c +@@ -2358,6 +2358,21 @@ static const OptionInfo + % o clone_info: the source 
image info for options to clone. + % + */ ++ ++typedef char ++ *(*CloneKeyFunc)(const char *), ++ *(*CloneValueFunc)(const char *); ++ ++static inline void *CloneOptionKey(void *key) ++{ ++ return((void *) ((CloneKeyFunc) ConstantString)((const char *) key)); ++} ++ ++static inline void *CloneOptionValue(void *value) ++{ ++ return((void *) ((CloneValueFunc) ConstantString)((const char *) value)); ++} ++ + MagickExport MagickBooleanType CloneImageOptions(ImageInfo *image_info, + const ImageInfo *clone_info) + { +@@ -2373,7 +2388,7 @@ MagickExport MagickBooleanType CloneImageOptions(ImageInfo *image_info, + if (image_info->options != (void *) NULL) + DestroyImageOptions(image_info); + image_info->options=CloneSplayTree((SplayTreeInfo *) clone_info->options, +- (void *(*)(void *)) ConstantString,(void *(*)(void *)) ConstantString); ++ CloneOptionKey,CloneOptionValue); + } + return(MagickTrue); + } +diff --git a/MagickCore/profile.c b/MagickCore/profile.c +index a68e54f14..e131bd6ec 100644 +--- a/MagickCore/profile.c ++++ b/MagickCore/profile.c +@@ -143,6 +143,23 @@ typedef struct _CMSExceptionInfo + % o clone_image: the clone image. 
+ % + */ ++ ++typedef char ++ *(*CloneKeyFunc)(const char *); ++ ++typedef StringInfo ++ *(*CloneValueFunc)(const StringInfo *); ++ ++static inline void *CloneProfileKey(void *key) ++{ ++ return((void *) ((CloneKeyFunc) ConstantString)((const char *) key)); ++} ++ ++static inline void *CloneProfileValue(void *value) ++{ ++ return((void *) ((CloneValueFunc) CloneStringInfo)((const StringInfo *) value)); ++} ++ + MagickExport MagickBooleanType CloneImageProfiles(Image *image, + const Image *clone_image) + { +@@ -157,7 +174,7 @@ MagickExport MagickBooleanType CloneImageProfiles(Image *image, + if (image->profiles != (void *) NULL) + DestroyImageProfiles(image); + image->profiles=CloneSplayTree((SplayTreeInfo *) clone_image->profiles, +- (void *(*)(void *)) ConstantString,(void *(*)(void *)) CloneStringInfo); ++ CloneProfileKey,CloneProfileValue); + } + return(MagickTrue); + } +diff --git a/MagickCore/property.c b/MagickCore/property.c +index 1d9e50184..8a6727de4 100644 +--- a/MagickCore/property.c ++++ b/MagickCore/property.c +@@ -131,6 +131,21 @@ + % o clone_image: the clone image. + % + */ ++ ++typedef char ++ *(*CloneKeyFunc)(const char *), ++ *(*CloneValueFunc)(const char *); ++ ++static inline void *ClonePropertyKey(void *key) ++{ ++ return((void *) ((CloneKeyFunc) ConstantString)((const char *) key)); ++} ++ ++static inline void *ClonePropertyValue(void *value) ++{ ++ return((void *) ((CloneValueFunc) ConstantString)((const char *) value)); ++} ++ + MagickExport MagickBooleanType CloneImageProperties(Image *image, + const Image *clone_image) + { +@@ -195,8 +210,7 @@ MagickExport MagickBooleanType CloneImageProperties(Image *image, + if (image->properties != (void *) NULL) + DestroyImageProperties(image); + image->properties=CloneSplayTree((SplayTreeInfo *) +- clone_image->properties,(void *(*)(void *)) ConstantString, +- (void *(*)(void *)) ConstantString); ++ clone_image->properties,ClonePropertyKey,ClonePropertyValue); + } + return(MagickTrue); + } 
diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb index cca4c8ff1b..8c83d018cc 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb 
@@ -21,6 +21,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt file://0001-CVE-2025-55004.patch \ file://0001-CVE-2025-55005.patch \ file://0001-CVE-2025-55154.patch \ + file://0001-CVE-2025-55160.patch \ " SRCREV = "a2d96f40e707ba54b57e7d98c3277d3ea6611ace"
From patchwork Wed Oct 8 20:59:12 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71879
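Review bot: the description of 0001-CVE-2025-55160.patch gives only the advisory URL and does not say what is being fixed; from the hunks it is the removal of the (void *(*)(void *)) casts on ConstantString and CloneStringInfo passed to CloneSplayTree, replaced by wrappers that have the void *(void *) signature themselves. State that in the description, and check the 7.1.1-43 tree for other CloneSplayTree callers that still pass a cast function pointer, since only artifact.c, option.c, profile.c and property.c are touched here. Minor: CloneKeyFunc and CloneValueFunc are redefined identically in artifact.c, option.c and property.c, and the wrappers are declared static inline although they are only ever used by address.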
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][walnascar][PATCH 09/11] imagemagick: patch CVE-2025-55212 Date: Wed, 8 Oct 2025 22:59:12 +0200 Message-ID: <20251008205914.598660-9-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251008205914.598660-1-skandigraun@gmail.com> References: <20251008205914.598660-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 08 Oct 2025 20:59:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120392 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55212 Pick the patch that mentions the related github advisory in its commit message. Also backport the missing function that the fix uses. Signed-off-by: Gyorgy Sarvari --- .../imagemagick/0001-CVE-2025-55212.patch | 56 +++++++++++++++++++ .../imagemagick/imagemagick_7.1.1-43.bb | 1 + 2 files changed, 57 insertions(+) create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55212.patch diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55212.patch b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55212.patch new file mode 100644 index 0000000000..c409dc807d --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55212.patch 
@@ -0,0 +1,56 @@ +From a5acb50364cfa7fa6cfb56af9b2c1ac3d7efce93 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Sun, 17 Aug 2025 14:33:44 -0400 +Subject: [PATCH] CVE-2025-55212 + +https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fh55-q5pj-pxgw + +CVE: CVE-2025-55212 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/5f0bcf986b8b5e90567750d31a37af502b73f2af] +Signed-off-by: Gyorgy Sarvari +--- + MagickCore/resize.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/MagickCore/resize.c b/MagickCore/resize.c +index 381b3a663..d34c5e23a 100644 +--- a/MagickCore/resize.c ++++ b/MagickCore/resize.c +@@ -74,6 +74,7 @@ + #include "MagickCore/resize.h" + #include "MagickCore/resize-private.h" + #include "MagickCore/resource_.h" ++#include "MagickCore/statistic-private.h" + #include "MagickCore/string_.h" + #include "MagickCore/string-private.h" + #include "MagickCore/thread-private.h" +@@ -4602,8 +4602,10 @@ MagickExport Image *ThumbnailImage(const Image *image,const size_t columns, + x_factor, + y_factor; + +- x_factor=(ssize_t) image->columns/(ssize_t) columns; ++ x_factor=(ssize_t) (image->columns*MagickSafeReciprocal((double) ++ columns)); + y_factor=(ssize_t) image->rows/(ssize_t) rows; ++ y_factor=(ssize_t) (image->rows*MagickSafeReciprocal((double) rows)); + if ((x_factor > 4) && (y_factor > 4)) + { + thumbnail_image=SampleImage(clone_image,4*columns,4*rows,exception); +diff --git a/MagickCore/statistic-private.h b/MagickCore/statistic-private.h +index f873a472b..0c9a6843d 100644 +--- a/MagickCore/statistic-private.h ++++ b/MagickCore/statistic-private.h +@@ -29,6 +29,13 @@ static inline double MagickLog10(const double x) + return(log10(fabs(x))); + } + ++static inline double MagickSafeReciprocal(const double x) ++{ ++ if ((x > -MagickEpsilon) && (x < MagickEpsilon)) ++ return(1.0/MagickEpsilon); ++ return(1.0/x); ++} ++ + #if defined(__cplusplus) || defined(c_plusplus) + } + #endif 
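Review bot: In the ThumbnailImage hunk of MagickCore/resize.c the old `y_factor=(ssize_t) image->rows/(ssize_t) rows;` is kept as a context line, so the integer division still runs before the new MagickSafeReciprocal assignment overwrites its result, and a `rows` of 0 still divides by zero at that statement. The x_factor line was replaced, while the y_factor line was only supplemented; the old y_factor line should be removed as well, or, if the upstream commit carries the same leftover, the patch header should say so and a follow-up should drop it. Separately, the commit message says the missing function was backported too, but Upstream-Status names a single upstream commit; adding the commit that MagickSafeReciprocal in statistic-private.h was taken from would keep the backport traceable.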
diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb index 8c83d018cc..eed07642d9 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb 
@@ -22,6 +22,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt file://0001-CVE-2025-55005.patch \ file://0001-CVE-2025-55154.patch \ file://0001-CVE-2025-55160.patch \ + file://0001-CVE-2025-55212.patch \ " SRCREV = "a2d96f40e707ba54b57e7d98c3277d3ea6611ace"
From patchwork Wed Oct 8 20:59:13 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71875
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][walnascar][PATCH 10/11] imagemagick: patch CVE-2025-57803 Date: Wed, 8 Oct 2025 22:59:13 +0200 Message-ID: <20251008205914.598660-10-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251008205914.598660-1-skandigraun@gmail.com> References: <20251008205914.598660-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 08 Oct 2025 20:59:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120393 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-57803 Pick the commit mentioned in the details. Signed-off-by: Gyorgy Sarvari --- .../imagemagick/0001-CVE-2025-57803.patch | 61 +++++++++++++++++++ .../imagemagick/imagemagick_7.1.1-43.bb | 1 + 2 files changed, 62 insertions(+) create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-57803.patch diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-57803.patch b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-57803.patch new file mode 100644 index 0000000000..dae3e91fe0 --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-57803.patch 
@@ -0,0 +1,61 @@ +From 6880d5335086451a88fe31fd3109d2cb7c1d5545 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Sat, 23 Aug 2025 09:18:40 -0400 +Subject: [PATCH] CVE-2025-57803 + +https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mxvv-97wh-cfmm + +CVE: CVE-2025-57803 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/2c55221f4d38193adcb51056c14cf238fbcc35d7] +Signed-off-by: Gyorgy Sarvari +--- + coders/bmp.c | 20 ++++++++++++++++---- + 1 file changed, 16 insertions(+), 4 deletions(-) + +diff --git a/coders/bmp.c b/coders/bmp.c +index d4f58b8ea..8f318e2dc 100644 +--- a/coders/bmp.c ++++ b/coders/bmp.c +@@ -516,6 +516,11 @@ static MagickBooleanType IsBMP(const unsigned char *magick,const size_t length) + % + */ + ++static inline MagickBooleanType BMPOverflowCheck(size_t x,size_t y) ++{ ++ return((y != 0) && (x > 4294967295UL/y) ? MagickTrue : MagickFalse); ++} ++ + static Image *ReadEmbedImage(const ImageInfo *image_info,Image *image, + const char *magick,ExceptionInfo *exception) + { +@@ -609,6 +614,7 @@ static Image *ReadBMPImage(const ImageInfo *image_info,ExceptionInfo *exception) + size_t + bit, + bytes_per_line, ++ extent, + length; + + ssize_t +@@ -1109,12 +1115,18 @@ static Image *ReadBMPImage(const ImageInfo *image_info,ExceptionInfo *exception) + ThrowReaderException(CorruptImageError,"ImproperImageHeader"); + if (bmp_info.compression == BI_RLE4) + bmp_info.bits_per_pixel<<=1; +- bytes_per_line=4*((image->columns*bmp_info.bits_per_pixel+31)/32); +- length=(size_t) bytes_per_line*image->rows; ++ extent=image->columns*bmp_info.bits_per_pixel; ++ bytes_per_line=4*((extent+31)/32); ++ if (BMPOverflowCheck(bytes_per_line,image->rows) != MagickFalse) ++ ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile"); ++ length=bytes_per_line*image->rows; + if ((MagickSizeType) (length/256) > blob_size) + ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile"); +- 
pixel_info=AcquireVirtualMemory(image->rows, +- MagickMax(bytes_per_line,image->columns+1UL)*sizeof(*pixels)); ++ extent=MagickMax(bytes_per_line,image->columns+1UL); ++ if ((BMPOverflowCheck(image->rows,extent) != MagickFalse) || ++ (BMPOverflowCheck(extent,sizeof(*pixels)) != MagickFalse)) ++ ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed"); ++ pixel_info=AcquireVirtualMemory(image->rows,extent*sizeof(*pixels)); + if (pixel_info == (MemoryInfo *) NULL) + ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed"); + pixels=(unsigned char *) GetVirtualMemoryBlob(pixel_info); diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb index eed07642d9..8f6e816060 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb 
@@ -23,6 +23,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt file://0001-CVE-2025-55154.patch \ file://0001-CVE-2025-55160.patch \ file://0001-CVE-2025-55212.patch \ + file://0001-CVE-2025-57803.patch \ " SRCREV = "a2d96f40e707ba54b57e7d98c3277d3ea6611ace"
From patchwork Wed Oct 8 20:59:14 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71880
From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][walnascar][PATCH 11/11] imagemagick: patch CVE-2025-57807 Date: Wed, 8 Oct 2025 22:59:14 +0200 Message-ID: <20251008205914.598660-11-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251008205914.598660-1-skandigraun@gmail.com> References: <20251008205914.598660-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 08 Oct 2025 20:59:29 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120394 Details: https://nvd.nist.gov/vuln/detail/CVE-2025-57807 Pick the commit mentioned in the details. Signed-off-by: Gyorgy Sarvari --- .../imagemagick/0001-CVE-2025-57807.patch | 46 +++++++++++++++++++ .../imagemagick/imagemagick_7.1.1-43.bb | 1 + 2 files changed, 47 insertions(+) create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-57807.patch diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-57807.patch b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-57807.patch new file mode 100644 index 0000000000..6178e31e1c --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-57807.patch 
@@ -0,0 +1,46 @@ +From f8e4069153330021aefa6fc7c6c09df2444de021 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Sun, 24 Aug 2025 12:32:18 -0400 +Subject: [PATCH] CVE-2025-57807 + +https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg + +CVE: CVE-2025-57807 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e] +Signed-off-by: Gyorgy Sarvari +--- + MagickCore/blob.c | 11 +++++++---- + 1 file changed, 7 insertions(+), 4 deletions(-) + +diff --git a/MagickCore/blob.c b/MagickCore/blob.c +index d00b0ac57..5ee81a68b 100644 +--- a/MagickCore/blob.c ++++ b/MagickCore/blob.c +@@ -1630,7 +1630,7 @@ static inline ssize_t WriteBlobStream(Image *image,const size_t length, + extent=(MagickSizeType) (blob_info->offset+(MagickOffsetType) length); + if (extent >= blob_info->extent) + { +- extent=blob_info->extent+blob_info->quantum+length; ++ extent+=blob_info->quantum+length; + blob_info->quantum<<=1; + if (SetBlobExtent(image,extent) == MagickFalse) + return(0); +@@ -5912,12 +5912,15 @@ MagickExport ssize_t WriteBlob(Image *image,const size_t length, + } + case BlobStream: + { +- if ((blob_info->offset+(MagickOffsetType) length) >= +- (MagickOffsetType) blob_info->extent) ++ MagickSizeType ++ extent; ++ ++ extent=(MagickSizeType) (blob_info->offset+(MagickOffsetType) length); ++ if (extent >= blob_info->extent) + { + if (blob_info->mapped != MagickFalse) + return(0); +- blob_info->extent+=length+blob_info->quantum; ++ blob_info->extent=extent+blob_info->quantum+length; + blob_info->quantum<<=1; + blob_info->data=(unsigned char *) ResizeQuantumMemory( + blob_info->data,blob_info->extent+1,sizeof(*blob_info->data)); diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb index 8f6e816060..6e101f061f 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb 
+++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb @@ -24,6 +24,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt file://0001-CVE-2025-55160.patch \ file://0001-CVE-2025-55212.patch \ file://0001-CVE-2025-57803.patch \ + file://0001-CVE-2025-57807.patch \ " SRCREV = "a2d96f40e707ba54b57e7d98c3277d3ea6611ace"
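Review bot: In the ReadBMPImage hunk of coders/bmp.c (0001-CVE-2025-57803.patch, patch 10/11) the new `extent=image->columns*bmp_info.bits_per_pixel;` is itself an unchecked multiplication, and BMPOverflowCheck is only applied to the products computed after it. Where size_t is 32 bits, nothing in the hunk stops that product, or the following `4*((extent+31)/32)`, from wrapping before the first check sees bytes_per_line. Suggest calling BMPOverflowCheck(image->columns,bmp_info.bits_per_pixel) before computing extent. In BMPOverflowCheck itself, the bound is the literal 4294967295UL and the expression relies on `&&` binding tighter than `?:`; a short comment saying the 32-bit bound is intentional, plus parentheses around the condition, would make the helper easier to audit.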
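Review bot: In both hunks of MagickCore/blob.c (0001-CVE-2025-57807.patch, patch 11/11) the line `extent=(MagickSizeType) (blob_info->offset+(MagickOffsetType) length);` casts length to the signed MagickOffsetType and adds in that type before converting to MagickSizeType, so a very large length can overflow the signed sum, and nothing in the hunks checks for that or for wrap-around in the later `extent+blob_info->quantum+length`. Suggest converting both operands to MagickSizeType first, comparing against the maximum before adding, and returning 0 on overflow in the same way the `blob_info->mapped` case already does. The new growth target also counts length twice (offset+length, then +quantum+length); if that over-allocation is intended, a one-line comment would save the next reader from suspecting a typo.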