| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-Fix-br-tag.patch | Fix br tag find . -path './.git' -prune -o -type 'f' -name '*.html' -exec sed -i 's,<br>,<br />,g' {} \; |
=?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | invalid | 2018-02-02 | ||
| 0002-Fix-api-Image-.html.patch | Fix api/Image++.html | =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | invalid | 2016-12-14 | ||
| 0003-Fix-www-api-mophologie.html.patch | Fix www/api/mophologie.html | =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | invalid | 2016-12-14 | ||
| 0004-Fix-www-command-line-options.html.patch | Fix www/command-line-options.html | =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | invalid | 2016-12-14 | ||
| 0005-Use-modern-idiom-for-autoconf.patch | Use modern idiom for autoconf | =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | invalid | 2015-09-15 | ||
| 0006-Allow-distribution-to-custumize-the-html-pointer-to-.patch | Allow distribution to custumize the html pointer to documentation Allow to say on debian system you might install the imagemagick-doc package |
=?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | invalid | debian | 2018-02-02 | |
| 0007-Improve-policy-in-order-to-be-safer.patch | Improve policy in order to be safer Limit memory and disk to safe value. Disable http delegate. You should really use curl |
=?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | no | 2016-11-22 | ||
| 0008-Fix-remaining-error-in-html-files.patch | Fix remaining error in html files | =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | no | 2017-03-18 | ||
| 0009-Improve-man-page-to-use-version-information-and-quan.patch | Improve man page to use version information and quantum Use ls *.in |sed 's,[.]1.in,,g' |xargs -n1 sh -c 'sed -i "s,$1(1),$1-im@MAGICK_MAJOR_VERSION@.@MAGICK_ABI_SUFFIX_LC@(1),g" *.in' sedtest use ls *.in |sed 's,[.]1.in,,g' |xargs -n1 sh -c 'sed -i "s,fB$1,fB$1-im@MAGICK_MAJOR_VERSION@.@MAGICK_ABI_SUFFIX_LC@,g" *.in' sedtest use ls *.in |sed 's,[.]1.in,,g' |xargs -n1 sh -c 'sed -i "s,.TH $1,.TH $1-im@MAGICK_MAJOR_VERSION@.@MAGICK_ABI_SUFFIX_LC@,g" *.in' sedtest |
=?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | no | 2017-03-21 | ||
| 0010-Fix-changelog-tag-mismatch.patch | Fix changelog tag mismatch | =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | no | 2017-06-04 | ||
| 0011-Fix-html-error-in-api-Image-.html.patch | Fix html error in api/Image++.html | =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | invalid | 2017-08-11 | ||
| 0012-Fix-www-escape.html.patch | Fix www/escape.html | =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | invalid | 2017-08-11 | ||
| 0013-Fix-www-magick-script.html.patch | Fix www/magick-script.html | =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | invalid | 2017-08-11 | ||
| 0014-Fix-www-support.html.patch | Fix www/support.html | =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | invalid | 2017-08-11 | ||
| 0015-Fix-instead-of-lt-and-input-form.patch | Fix < instead of < and input form | =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | invalid | 2018-02-03 | ||
| 0016-Fix-another-errors-in-html-files.patch | Fix another errors in html files | =?UTF-8?q?Bastien=20ROUCARI=C3=88S?= <roucaries.bastien@gmail.com> | invalid | 2018-03-19 | ||
| 0017-Fix-index.html.patch | Fix index.html | =?UTF-8?q?Bastien=20Roucari=C3=A8s?= <rouca@debian.org> | invalid | 2018-07-30 | ||
| 0018-Fix-end-tags.patch | Fix end tags | =?UTF-8?q?Bastien=20Roucari=C3=A8s?= <rouca@debian.org> | invalid | 2018-07-30 | ||
| 0019-Fix-a-few-html-error.patch | Fix a few html error | =?UTF-8?q?Bastien=20Roucari=C3=A8s?= <rouca@debian.org> | invalid | 2020-07-26 | ||
| 0020-Fix-a-typo-in-manpage.patch | Fix a typo in manpage | =?UTF-8?q?Bastien=20Roucari=C3=A8s?= <rouca@debian.org> | no | 2020-07-27 | ||
| 0021-Finalize-fixing-error-in-html.patch | Finalize fixing error in html | =?UTF-8?q?Bastien=20Roucari=C3=A8s?= <rouca@debian.org> | no | 2021-01-11 | ||
| 0022-FIx-error-in-new-upstream-html.patch | FIx error in new upstream html | =?UTF-8?q?Bastien=20Roucari=C3=A8s?= <rouca@debian.org> | invalid | 2021-02-01 | ||
| 0001-https-github.com-ImageMagick-ImageMagick6-issues-145.patch | [PATCH] https://github.com/ImageMagick/ImageMagick6/issues/145 | Cristy <mikayla-grace@urban-warrior.org> | no | 2021-04-10 | ||
| 0023-disable-ghostscript-formats.patch | disable ghostscript handled formats based on -SAFER insecurity Based on Tavis Ormandy's Recommendations |
Steve Beattie <steve.beattie@canonical.com> | no | |||
| move-profile-property-to-cli-option.patch | [PATCH] move `-set profile` handler to CLI | Cristy <urban-warrior@imagemagick.org> | no | 2023-02-03 | ||
| 0026-CVE-2021-3574-memory-leak.patch | CVE-2021-3574: memory leak Memory leak due to crafted tiff file |
Cristy <mikayla-grace@urban-warrior.org> | yes | upstream | https://github.com/ImageMagick/ImageMagick6/commit/cd7f9fb7751b0d59d5a74b12d971155caad5a792.patch | 2021-04-13 |
| 0027-CVE-2021-4219-Dos.patch | CVE-2021-4219: Dos | Cristy <mikayla-grace@urban-warrior.org> | yes | debian upstream | https://github.com/ImageMagick/ImageMagick6/commit/c10351c16b8d2cabd11d2627a02de522570f6ceb.patch | 2021-12-22 |
| 0028-CVE-2021-20241.patch | CVE-2021-20241: fix division by zero in WriteJP2Image() in coders/jp2.c |
Zhang Xiaohui <ruc_zhangxiaohui@163.com> | no | https://github.com/ImageMagick/ImageMagick6/commit/53cb91b3e7bf95d0e372cbc745e0055ac6054745.patch | 2021-02-02 | |
| 0029-CVE-2021-20243.patch | CVE-2021-20243 | Cristy <mikayla-grace@urban-warrior.org> | yes | upstream | https://github.com/ImageMagick/ImageMagick6/commit/53cb91b3e7bf95d0e372cbc745e0055ac6054745.patch | 2021-02-03 |
| 0030-CVE-2021-20244-uses-the-PerceptibleReciprocal-to-pre.patch | CVE-2021-20244: uses the PerceptibleReciprocal() to prevent the divide-by-zero from occurring (#3194) A crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero (cherry picked from commit 329dd528ab79531d884c0ba131e97d43f872ab5d) This backports the fix for CVE-2021-20244 to IM6. |
ruc_zhangxiaohui <553441439@qq.com> | no | debian | https://github.com/ImageMagick/ImageMagick6/commit/c8d674946a687f40a126166edf470733fc8ede02.patch | 2021-02-04 |
| 0031-CVE-2021-20245-Division-by-zero-in-WriteAnimatedWEBP.patch | CVE-2021-20245 Division by zero in WriteAnimatedWEBPImage() in coders/webp.c | Cristy <mikayla-grace@urban-warrior.org> | yes | debian upstream | https://github.com/ImageMagick/ImageMagick6/commit/a78d92dc0f468e79c3d761aae9707042952cdaca.patch | 2021-02-03 |
| 0032-CVE-2021-20246-division-by-zero-in-MagickCore-resamp.patch | CVE-2021-20246: division by zero in MagickCore/resample.c bug:https://github.com/ImageMagick/ImageMagick/issues/3195 |
Cristy <mikayla-grace@urban-warrior.org> | no | debian | https://github.com/ImageMagick/ImageMagick6/commit/f3190d4a6e6e8556575c84b5d976f77d111caa74.patch | 2021-02-03 |
| 0033-CVE-2021-20309-Division-by-zero-in-WaveImage.patch | CVE-2021-20309: Division by zero in WaveImage() | Cristy <mikayla-grace@urban-warrior.org> | yes | debian upstream | https://github.com/ImageMagick/ImageMagick6/commit/f1e68d22d1b35459421710587a0dcbab6900b51f.patch | 2021-02-25 |
| 0034-partial-CVE-2021-39212-Fixed-incorrect-check-when-mo.patch | [partial] CVE-2021-39212: Fixed incorrect check when module is used as the domain in policy.xml that would allow the use of a disabled module. | Dirk Lemstra <dirk@lemstra.org> | yes | debian upstream | https://github.com/ImageMagick/ImageMagick6/commit/8cd2fcd33460826628a7590dc3ce74d7785e1598.patch | 2021-09-11 |
| 0035-partial-CVE-2021-39212-Added-missing-policy-checks-i.patch | [partial] CVE-2021-39212: Added missing policy checks in RegisterStaticModules. | Dirk Lemstra <dirk@lemstra.org> | yes | debian upstream | https://github.com/ImageMagick/ImageMagick6/commit/69ea5587de17ef89476be47a3cb7f855c0355a74 | 2021-09-11 |
| 0036-partial-CVE-2021-39212-Use-AllPolicyRights-instead.patch | [partial] CVE-2021-39212: Use AllPolicyRights instead. (cherry picked from commit b60e17133b982d28816386b83174c2bc06dd39bd) |
Dirk Lemstra <dirk@lemstra.org> | yes | debian upstream | https://github.com/ImageMagick/ImageMagick6/commit/b60e17133b982d28816386b83174c2bc06dd39bd | 2021-09-11 |
| 0037-CVE-2021-39212-Use-the-correct-rights.patch | CVE-2021-39212: Use the correct rights. (cherry picked from commit 428e68597fa904d0bdc133d878e12acd7dc60fa3) |
Dirk Lemstra <dirk@lemstra.org> | yes | debian upstream | https://github.com/ImageMagick/ImageMagick6/commit/428e68597fa904d0bdc133d878e12acd7dc60fa3 | 2021-09-11 |
| 0038-Fix-CVE-2022-1114-Heap-use-after-free-in-RelinquishD.patch | Fix CVE-2022-1114: Heap use after free in RelinquishDCMInfo() | Cristy <urban-warrior@imagemagick.org> | yes | debian upstream | https://github.com/ImageMagick/ImageMagick6/commit/78f03b619d08d7c2e0fcaccab407e3ac93c2ee8f.patch | 2022-03-15 |
| 0039-CVE-2022-28463-buffer-overflow-in-cin-coder.patch | CVE-2022-28463: buffer overflow in cin coder (cherry picked from commit e6ea5876e0228165ee3abc6e959aa174cee06680) |
Cristy <urban-warrior@imagemagick.org> | yes | debian upstream | https://github.com/ImageMagick/ImageMagick6/commit/e6ea5876e0228165ee3abc6e959aa174cee06680.patch | 2022-03-26 |
| 0040-CVE-2022-32545-undefined-behavior-value-outside-char.patch | CVE-2022-32545: undefined behavior value outside char range (cherry picked from commit 450949ed017f009b399c937cf362f0058eacc5fa) |
Cristy <urban-warrior@imagemagick.org> | yes | debian upstream | https://github.com/ImageMagick/ImageMagick6/commit/450949ed017f009b399c937cf362f0058eacc5fa.patch | 2022-03-19 |
| 0041-CVE-2022-32546-outside-the-range-of-representable-va.patch | CVE-2022-32546 outside the range of representable values of type 'unsigned long' at coders/pcl.c, | Cristy <urban-warrior@imagemagick.org> | yes | debian upstream | https://github.com/ImageMagick/ImageMagick6/commit/29c8abce0da56b536542f76a9ddfebdaab5b2943.patch | 2022-03-24 |
| 0042-Fix-CVE-2022-32547-unaligned-access-in-property.patch | Fix CVE-2022-32547: unaligned access in property | Cristy <urban-warrior@imagemagick.org> | yes | debian upstream | https://github.com/ImageMagick/ImageMagick6/commit/dc070da861a015d3c97488fdcca6063b44d47a7b.patch | 2022-04-09 |
| 0043-1-2-CVE-2021-3610-eliminate-heap-buffer-overflow-vul.patch | [1/2] CVE-2021-3610 eliminate heap buffer overflow vulnerability in TIFF coder thanks to ZhangJiaxing (@r0fm1a) from Codesafe Team of Legendsec at Qi'anxin Group |
Cristy <mikayla-grace@urban-warrior.org> | yes | upstream | https://github.com/ImageMagick/ImageMagick6/commit/b307bcadcdf6ea6819951ac1786b7904f27b25c6.patch | 2021-05-27 |
| 0044-2-2-CVE-2021-3610-eliminate-heap-buffer-overflow-vul.patch | [2/2] CVE-2021-3610 eliminate heap buffer overflow vulnerability in TIFF coder Thanks to ZhangJiaxing (@r0fm1a) from Codesafe Team of Legendsec at Qi'anxin Group (cherry picked from commit c75ae771a00c38b757c5ef4b424b51e761b02552) |
Cristy <mikayla-grace@urban-warrior.org> | yes | upstream | https://github.com/ImageMagick/ImageMagick6/commit/b307bcadcdf6ea6819951ac1786b7904f27b25c6.patch | 2021-05-30 |
| 0045-heap-based-buffer-overflow-in-TIFF-coder-alert-from-.patch | heap-based buffer overflow in TIFF coder (alert from Hunter Mitchell) | Cristy <mikayla-grace@urban-warrior.org> | yes | upstream | https://github.com/ImageMagick/ImageMagick6/commit/e1fbcdf3aad96d51db65c1601117396eac665a6d | 2021-07-26 |
| 0046-heap-based-buffer-overflow-in-TIFF-coder-alert-from-.patch | heap-based buffer overflow in TIFF coder (alert from Hunter Mitchell) | Cristy <mikayla-grace@urban-warrior.org> | yes | upstream | https://github.com/ImageMagick/ImageMagick6/commit/35b88c9166bc1b3ce8893f52217bae00d8e2c532 | 2021-07-26 |
| 0047-heap-based-buffer-overflow-in-TIFF-coder-alert-from-.patch | heap-based buffer overflow in TIFF coder (alert from Hunter Mitchell) | Cristy <mikayla-grace@urban-warrior.org> | yes | upstream | https://github.com/ImageMagick/ImageMagick6/commit/f90a091c7dd12cc53b0999bf49d1c80651534eea | 2021-07-26 |
| 0048-Fix-a-non-initialized-value-passed-to-TIFFGetField.patch | Fix a non initialized value passed to TIFFGetField() | Cristy <mikayla-grace@urban-warrior.org> | yes | upstream | https://github.com/ImageMagick/ImageMagick6/commit/995de330310dd35531165d9471fe4d31e0fa79ae | 2021-09-03 |
| 0049-initialize-buffer-before-calling-TIFFGetField.patch | initialize buffer before calling TIFFGetField() | Cristy <mikayla-grace@urban-warrior.org> | yes | upstream | https://github.com/ImageMagick/ImageMagick6/commit/995de330310dd35531165d9471fe4d31e0fa79ae | 2021-09-04 |
| 0050-Fix-stack-overflow-when-parsing-malicious-tiff-image.patch | Fix stack overflow when parsing malicious tiff image (cherry picked from commit 85a370c79afeb45a97842b0959366af5236e9023) |
Cristy <mikayla-grace@urban-warrior.org> | no | https://github.com/ImageMagick/ImageMagick6/commit/85a370c79afeb45a97842b0959366af5236e9023 | 2021-10-19 | |
| 0051-early-exit-on-exception.patch | early exit on exception In case of malformed tiff image bail early (cherry picked from commit b272acab91444f2115099fe51ee6c91bb4db5d50) |
Cristy <mikayla-grace@urban-warrior.org> | no | https://github.com/ImageMagick/ImageMagick6/commit/b272acab91444f2115099fe51ee6c91bb4db5d50 | 2021-11-06 | |
| 0052-Fix-buffer-overrun-in-TIFF-coder.patch | Fix buffer overrun in TIFF coder | Cristy <mikayla-grace@urban-warrior.org> | no | https://github.com/ImageMagick/ImageMagick6/commit/2204eb57ae00b005b39165a47b8984eac01600a5 | 2021-03-14 | |
| 0053-Fix-buffer-overrun-in-TIFF-coder.patch | Fix buffer overrun in TIFF coder | Cristy <mikayla-grace@urban-warrior.org> | no | https://github.com/ImageMagick/ImageMagick6/commit/add9cb14e14eef02806715d97abcf5d04a3e55dd | 2021-12-17 | |
| 0054-Fix-buffer-overrun-in-TIFF-coder.patch | Fix buffer overrun in TIFF coder | Cristy <urban-warrior@imagemagick.org> | yes | upstream | https://github.com/ImageMagick/ImageMagick6/commit/de6ada9a068b01494bfb848024ed46942da9d238 | 2022-03-17 |
| 0055-Fix-unintialised-value.patch | Fix unintialised value | Cristy <urban-warrior@imagemagick.org> | yes | upstream | https://github.com/ImageMagick/ImageMagick6/commit/409d42205927c98cbb852ca96e109716f38f04ab | 2022-02-11 |
| 0056-Raise-exception-when-image-could-not-be-read-but-no-.patch | Raise exception when image could not be read but no exception was raised. Bail out in case of corrupted image https://github.com/ImageMagick/ImageMagick6/commit/3e15c68efcb1e6383c93e7dfe38ba6c37e614d1b (cherry picked from commit 3e15c68efcb1e6383c93e7dfe38ba6c37e614d1b) |
Dirk Lemstra <dirk@lemstra.org> | no | 2022-02-19 | ||
| 0057-CVE-2022-1115-heap-based-overflow-with-a-specially-c.patch | CVE-2022-1115: heap based overflow with a specially crafted TIFF image | Cristy <urban-warrior@imagemagick.org> | yes | upstream | https://github.com/ImageMagick/ImageMagick6/commit/1f860f52bd8d58737ad883072203391096b30b51 | 2022-03-22 |
| 0056-CVE-2023-1289-recursion-detection-framework.patch | CVE-2023-1289: recursion detection framework | Cristy <urban-warrior@imagemagick.org> | no | https://github.com/ImageMagick/ImageMagick6/commit/e8c0090c6d2df7b1553053dca2008e96724204bf | 2023-03-06 | |
| 0057-CVE-2023-1289-recursion-detection.patch | CVE-2023-1289 recursion detection | Cristy <urban-warrior@imagemagick.org> | yes | upstream | https://github.com/ImageMagick/ImageMagick6/commit/706d381b7eb79927d328c96f7b7faab5dc109368 | 2023-03-06 |
| 0058-CVE-2023-1906.patch | CVE-2023-1906 A heap-based buffer overflow issue was discovered in ImageMagick's ImportMultiSpectralQuantum() function in MagickCore/quantum-import.c. An attacker could pass specially crafted file to convert, triggering an out-of-bounds read error, allowing an application to crash, resulting in a denial of service. |
Cristy <urban-warrior@imagemagick.org> | no | https://github.com/ImageMagick/ImageMagick6/commit/e30c693b37c3b41723f1469d1226a2c814ca443d | 2023-04-01 | |
| 0059-1-2-Prepare-CVE-2023-34151-improved-range-checking.patch | [1/2] Prepare CVE-2023-34151 :improved range checking | Cristy <urban-warrior@imagemagick.org> | no | 2023-04-15 | ||
| 0060-2-2-Prepare-CVE-2023-34151-add-additional-checks-for.patch | [2/2] Prepare CVE-2023-34151: add additional checks for casting double to size_t | Cristy <urban-warrior@imagemagick.org> | no | 2023-04-13 | ||
| 0061-CVE-2023-34151-properly-cast-double-to-size_t.patch | CVE-2023-34151: properly cast double to size_t | Cristy <urban-warrior@imagemagick.org> | yes | upstream | 2023-05-17 | |
| 0062-heap-buffer-overflow-in-ImageMagick-7.1.1-12-contrib.patch | heap-buffer-overflow in ImageMagick <= 7.1.1-12, contributed by Hardik shah of Vehere (Dawn Treaders team) This fix CVE-2023-3428 |
Cristy <urban-warrior@imagemagick.org> | no | https://github.com/ImageMagick/ImageMagick6/commit/0d00400727170b0540a355a1bc52787bc7bcdea5 | 2023-06-26 | |
| 0063-Added-check-for-invalid-size.patch | Added check for invalid size. | Dirk Lemstra <dirk@lemstra.org> | no | https://github.com/ImageMagick/ImageMagick6/commit/94f76dd2f760241bec51e7d66873e77a58d812ba.patch | 2021-11-30 | |
| 0064-improve-BMP-error-checking.patch | improve BMP error checking bug; https://github.com/ImageMagick/ImageMagick/issues/5980 |
Cristy <urban-warrior@imagemagick.org> | no | 2023-01-18 | ||
| 0065-CVE-2023-5341.patch | CVE-2023-5341 | Cristy <urban-warrior@imagemagick.org> | no | https://github.com/ImageMagick/ImageMagick6/commit/405684654eb9b43424c3c0276ea343681021d9e0 | 2023-09-24 |