diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-68950.patch b/meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-68950.patch new file mode 100644 index 0000000000..c0b49379a5 --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/imagemagick/CVE-2025-68950.patch @@ -0,0 +1,25 @@ +From 0948d1ee1eb5c86d257e03c7bcdb738a3bbac549 Mon Sep 17 00:00:00 2001 +From: Cristy +Date: Fri, 26 Dec 2025 11:22:12 -0500 +Subject: [PATCH] + https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7rvh-xqp3-pr8j + +CVE: CVE-2025-68950 +Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/204718c2211903949dcfc0df8e65ed066b008dec] +Signed-off-by: Gyorgy Sarvari +--- + MagickCore/draw.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/MagickCore/draw.c b/MagickCore/draw.c +index db555f654..7fe9675f5 100644 +--- a/MagickCore/draw.c ++++ b/MagickCore/draw.c +@@ -5697,6 +5697,7 @@ MagickExport MagickBooleanType DrawPrimitive(Image *image, + if ((LocaleCompare(clone_info->magick,"ftp") != 0) && + (LocaleCompare(clone_info->magick,"http") != 0) && + (LocaleCompare(clone_info->magick,"https") != 0) && ++ (LocaleCompare(clone_info->magick,"mvg") != 0) && + (LocaleCompare(clone_info->magick,"vid") != 0)) + composite_images=ReadImage(clone_info,exception); + else diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1.bb index 0e52519558..60e206e8f1 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1.bb @@ -27,6 +27,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt file://CVE-2025-65955.patch \ file://CVE-2025-66628.patch \ file://CVE-2025-68618.patch \ + file://CVE-2025-68950.patch \ " SRCREV = "82572afc879b439cbf8c9c6f3a9ac7626adf98fb"