!195 [sync] PR-194: Fix CVE-2023-39978

From: @openeuler-sync-bot 
Reviewed-by: @wang--ge 
Signed-off-by: @wang--ge

CVE-2023-39978.patch

@@ -0,0 +1,23 @@
+From c90e79b3b22fec309cab55af2ee606f71b027b12 Mon Sep 17 00:00:00 2001
+From: Dirk Lemstra <dirk@lemstra.org>
+Date: Sun, 16 Jul 2023 06:45:32 +0200
+Subject: [PATCH] Fixed memory leak.
+
+Origin: https://github.com/ImageMagick/ImageMagick6/commit/c90e79b3b22fec309cab55af2ee606f71b027b12
+
+---
+ magick/draw.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/magick/draw.c b/magick/draw.c
+index 40b6f4be6..7bc5f603d 100644
+--- a/magick/draw.c
++++ b/magick/draw.c
+@@ -383,7 +383,6 @@ MagickExport DrawInfo *CloneDrawInfo(const ImageInfo *image_info,
+     clone_info->composite_mask=CloneImage(draw_info->composite_mask,0,0,
+       MagickTrue,&draw_info->composite_mask->exception);
+   clone_info->render=draw_info->render;
+-  clone_info->image_info=CloneImageInfo(draw_info->image_info);
+   clone_info->debug=draw_info->debug;
+   return(clone_info);
+ }

ImageMagick.spec

@@ -1,13 +1,14 @@
 Name:           ImageMagick
 Epoch:          1
 Version:        6.9.12.86
-Release:        3
+Release:        4
 Summary:        Create, edit, compose, or convert bitmap images
 License:        ImageMagick and MIT
 Url:            http://www.imagemagick.org/
 Source0:        https://www.imagemagick.org/download/ImageMagick-6.9.12-86.tar.xz
 Patch0:         CVE-2023-34151.patch
 Patch1:         CVE-2023-3428.patch
+Patch2:         CVE-2023-39978.patch
 
 BuildRequires:  bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators
 BuildRequires:  libtiff-devel giflib-devel zlib-devel perl-devel >= 5.8.1 jbigkit-devel
@@ -165,6 +166,9 @@ rm PerlMagick/demo/Generic.ttf
 %{_libdir}/pkgconfig/ImageMagick++*
 
 %changelog
+* Mon Aug 14 2023 wangkai <13474090681@163.com> - 1:6.9.12.86-4
+- Fix CVE-2023-39978
+
 * Mon Jul 24 2023 wangkai <13474090681@163.com> - 1:6.9.12.86-3
 - Fix CVE-2023-3428