packages/ImageMagick
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!160 [sync] PR-158: Fix CVE-2022-32547

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @gitee-cmd 
Signed-off-by: @gitee-cmd
This commit is contained in:
openeuler-ci-bot 2022-11-22 12:33:48 +00:00 committed by Gitee
commit fe0e12314f
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
CVE-2022-32547.patch Normal file
View File

@ -0,0 +1,30 @@
From dc070da861a015d3c97488fdcca6063b44d47a7b Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Sat, 9 Apr 2022 08:40:54 -0400
Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/pull/5034
---
magick/property.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/magick/property.c b/magick/property.c
index 2d80493dd2..bfc689466d 100644
--- a/magick/property.c
+++ b/magick/property.c
@@ -1526,12 +1526,14 @@ static MagickBooleanType GetEXIFProperty(const Image *image,
}
case EXIF_FMT_SINGLE:
{
- EXIFMultipleValues(4,"%f",(double) *(float *) p1);
+ EXIFMultipleValues(4,"%.20g",(double)
+ ReadPropertySignedLong(endian,p1));
break;
}
case EXIF_FMT_DOUBLE:
{
- EXIFMultipleValues(8,"%f",*(double *) p1);
+ EXIFMultipleValues(8,"%.20g",(double)
+ ReadPropertySignedLong(endian,p1));
break;
}
case EXIF_FMT_STRING:

6
ImageMagick.spec
View File

@ -1,7 +1,7 @@
Name: ImageMagick
Epoch: 1
Version: 6.9.12.43
Release: 3
Release: 4
Summary: Create, edit, compose, or convert bitmap images
License: ImageMagick and MIT
Url: http://www.imagemagick.org/
@ -11,6 +11,7 @@ Patch0001: backport-fix-CVE-2022-1115.patch
Patch0002: CVE-2022-3213-pre1.patch
Patch0003: CVE-2022-3213-pre2.patch
Patch0004: CVE-2022-3213.patch
Patch0005: CVE-2022-32547.patch
BuildRequires: bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators
@ -169,6 +170,9 @@ rm PerlMagick/demo/Generic.ttf
%{_libdir}/pkgconfig/ImageMagick++*
%changelog
* Tue Nov 22 2022 yaoxin <yaoxin30@h-partners.com> - 1:6.9.12.43-4
- Fix CVE-2022-32547
* Thu Oct 13 2022 chenwenjie <chenwenjie@ncti-gba.cn> - 1:6.9.12.43-3
- fix CVE-2022-3213