diff --git a/SOURCES/ImageMagick-cve-2016-5118.patch b/SOURCES/ImageMagick-cve-2016-5118.patch
new file mode 100644
index 0000000..ad6375b
--- /dev/null
+++ b/SOURCES/ImageMagick-cve-2016-5118.patch
@@ -0,0 +1,11 @@
+diff -up ImageMagick-6.7.8-9/magick/blob.c.cve-2016-5118 ImageMagick-6.7.8-9/magick/blob.c
+--- ImageMagick-6.7.8-9/magick/blob.c.cve-2016-5118 2016-06-02 11:11:35.681242509 +0200
++++ ImageMagick-6.7.8-9/magick/blob.c 2016-06-02 11:34:57.707081030 +0200
+@@ -91,6 +91,7 @@
+ #define _O_BINARY O_BINARY
+ #endif
+ �
++#undef MAGICKCORE_HAVE_POPEN
+ /*
+ Typedef declarations.
+ */
diff --git a/SOURCES/ImageMagick-cve-2016-5240.patch b/SOURCES/ImageMagick-cve-2016-5240.patch
new file mode 100644
index 0000000..9abb99f
--- /dev/null
+++ b/SOURCES/ImageMagick-cve-2016-5240.patch
@@ -0,0 +1,47 @@
+diff -up ImageMagick-6.7.8-9/magick/draw.c.svg-endless-loop ImageMagick-6.7.8-9/magick/draw.c
+--- ImageMagick-6.7.8-9/magick/draw.c.svg-endless-loop 2012-07-30 14:28:56.000000000 +0200
++++ ImageMagick-6.7.8-9/magick/draw.c 2016-06-03 13:54:20.337142553 +0200
+@@ -1569,7 +1569,7 @@ static MagickBooleanType DrawDashPolygon
+ status=MagickTrue;
+ maximum_length=0.0;
+ total_length=0.0;
+- for (i=1; i < (ssize_t) number_vertices; i++)
++ for (i=1; (i < (ssize_t) number_vertices) && (length >= 0.0); i++)
+ {
+ dx=primitive_info[i].point.x-primitive_info[i-1].point.x;
+ dy=primitive_info[i].point.y-primitive_info[i-1].point.y;
+@@ -1581,7 +1581,7 @@ static MagickBooleanType DrawDashPolygon
+ n=0;
+ length=scale*(draw_info->dash_pattern[n]+(n == 0 ? -0.5 : 0.5));
+ }
+- for (total_length=0.0; (total_length+length) <= maximum_length; )
++ for (total_length=0.0; (length >= 0.0) && (total_length+length) <= maximum_length; )
+ {
+ total_length+=length;
+ if ((n & 0x01) != 0)
+@@ -2561,9 +2561,7 @@ MagickExport MagickBooleanType DrawImage
+ }
+ if (LocaleCompare("stroke-dasharray",keyword) == 0)
+ {
+- if (graphic_context[n]->dash_pattern != (double *) NULL)
+- graphic_context[n]->dash_pattern=(double *)
+- RelinquishMagickMemory(graphic_context[n]->dash_pattern);
++ graphic_context[n]->dash_pattern = RelinquishMagickMemory(graphic_context[n]->dash_pattern);
+ if (IsPoint(q) != MagickFalse)
+ {
+ const char
+@@ -2596,7 +2594,14 @@ MagickExport MagickBooleanType DrawImage
+ GetMagickToken(q,&q,token);
+ graphic_context[n]->dash_pattern[j]=StringToDouble(token,
+ (char **) NULL);
++ if (graphic_context[n]->dash_pattern[j] < 0.0)
++ status=MagickFalse;
+ }
++ if (status == MagickFalse)
++ {
++ graphic_context[n]->dash_pattern = RelinquishMagickMemory(graphic_context[n]->dash_pattern);
++ break;
++ }
+ if ((x & 0x01) != 0)
+ for ( ; j < (2*x); j++)
+ graphic_context[n]->dash_pattern[j]=
diff --git a/SOURCES/ImageMagick-gnuplot-delegate-remove.diff b/SOURCES/ImageMagick-gnuplot-delegate-remove.diff
new file mode 100644
index 0000000..edc339b
--- /dev/null
+++ b/SOURCES/ImageMagick-gnuplot-delegate-remove.diff
@@ -0,0 +1,141 @@
+diff -up ImageMagick-6.7.8-9/config/delegates.xml.in.gnuplot-delegate-remove ImageMagick-6.7.8-9/config/delegates.xml.in
+--- ImageMagick-6.7.8-9/config/delegates.xml.in.gnuplot-delegate-remove 2016-06-02 13:46:27.392910453 +0200
++++ ImageMagick-6.7.8-9/config/delegates.xml.in 2016-06-02 13:52:15.161907901 +0200
+@@ -80,7 +80,6 @@
+ <delegate decode="eps" encode="pdf" mode="bi" command=""@PSDelegate@" -q -dQUIET -dSAFER -dBATCH -dNOPAUSE -dNOPROMPT -dMaxBitmap=500000000 "-sDEVICE=@GSPDFDevice@" "-sOutputFile=%o" "-f%i""/>
+ <delegate decode="eps" encode="ps" mode="bi" command=""@PSDelegate@" -q -dQUIET -dSAFER -dBATCH -dNOPAUSE -dNOPROMPT -dMaxBitmap=500000000 -dAlignToPixels=0 -dGridFitTT=2 "-sDEVICE=@GSPSDevice@" "-sOutputFile=%o" "-f%i""/>
+ <delegate decode="fig" command=""@FIGDecodeDelegate@" -L ps "%i" "%o""/>
+- <delegate decode="plt" command=""@EchoDelegate@" "set size 1.25,0.62; set terminal postscript portrait color solid; set output \'%o\'; load \'%i\'" > "%u";"@GnuplotDecodeDelegate@" "%u""/>
+ <delegate decode="hpg" command=""@HPGLDecodeDelegate@" -q -m eps -f `basename "%o"` "%i"; mv -f `basename "%o"` "%o""/>
+ <delegate decode="hpgl" command="if [ -e @HPGLDecodeDelegate@ -o -e /usr/bin/@HPGLDecodeDelegate@ ]; then @HPGLDecodeDelegate@ -q -m eps -f `basename "%o"` "%i"; mv -f `basename "%o"` "%o"; else echo "You need to install hp2xx to use HPGL files with ImageMagick."; exit 1; fi"/>
+ <delegate decode="htm" command=""@HTMLDecodeDelegate@" -U -o "%o" "%i""/>
+diff -up ImageMagick-6.7.8-9/configure.ac.gnuplot-delegate-remove ImageMagick-6.7.8-9/configure.ac
+--- ImageMagick-6.7.8-9/configure.ac.gnuplot-delegate-remove 2012-08-05 17:58:14.000000000 +0200
++++ ImageMagick-6.7.8-9/configure.ac 2016-06-02 13:48:27.359909573 +0200
+@@ -3055,7 +3055,6 @@ FIGDecodeDelegateDefault='fig2dev'
+ ConvertDelegateDefault=`echo convert | sed ${configure_transform_name}`
+ DisplayDelegateDefault=`echo display | sed ${configure_transform_name}`
+ MogrifyDelegateDefault=`echo mogrify | sed ${configure_transform_name}`
+-GnuplotDecodeDelegateDefault='gnuplot'
+ HPGLDecodeDelegateDefault='hp2xx'
+ HTMLDecodeDelegateDefault='html2ps'
+ ILBMDecodeDelegateDefault='ilbmtoppm'
+@@ -3107,7 +3106,6 @@ AC_PATH_PROG(FIGDecodeDelegate, "$FIGDec
+ AC_PATH_PROG(ConvertDelegate, "$ConvertDelegateDefault", "$ConvertDelegateDefault")
+ AC_PATH_PROG(DisplayDelegate, "$DisplayDelegateDefault", "$DisplayDelegateDefault")
+ AC_PATH_PROG(MogrifyDelegate, "$MogrifyDelegateDefault", "$MogrifyDelegateDefault")
+-AC_PATH_PROG(GnuplotDecodeDelegate, "$GnuplotDecodeDelegateDefault", "$GnuplotDecodeDelegateDefault")
+ AC_PATH_PROG(HPGLDecodeDelegate, "$HPGLDecodeDelegateDefault", "$HPGLDecodeDelegateDefault")
+ AC_PATH_PROG(HTMLDecodeDelegate, "$HTMLDecodeDelegateDefault", "$HTMLDecodeDelegateDefault")
+ AC_PATH_PROG(ILBMDecodeDelegate, "$ILBMDecodeDelegateDefault", "$ILBMDecodeDelegateDefault")
+@@ -3273,7 +3271,6 @@ if test "$with_frozenpaths" != 'yes'; th
+ EchoDelegate="$EchoDelegateDefault"
+ EditorDelegate="$EditorDelegateDefault"
+ FIGDecodeDelegate="$FIGDecodeDelegateDefault"
+- GnuplotDecodeDelegate="$GnuplotDecodeDelegateDefault"
+ HPGLDecodeDelegate="$HPGLDecodeDelegateDefault"
+ HTMLDecodeDelegate="$HTMLDecodeDelegateDefault"
+ ILBMDecodeDelegate="$ILBMDecodeDelegateDefault"
+@@ -3318,7 +3315,6 @@ AC_SUBST(DVIDecodeDelegate)
+ AC_SUBST(EchoDelegate)
+ AC_SUBST(EditorDelegate)
+ AC_SUBST(FIGDecodeDelegate)
+-AC_SUBST(GnuplotDecodeDelegate)
+ AC_SUBST(HPGLDecodeDelegate)
+ AC_SUBST(HTMLDecodeDelegate)
+ AC_SUBST(ILBMDecodeDelegate)
+diff -up ImageMagick-6.7.8-9/configure.gnuplot-delegate-remove ImageMagick-6.7.8-9/configure
+--- ImageMagick-6.7.8-9/configure.gnuplot-delegate-remove 2016-06-02 13:46:27.368910453 +0200
++++ ImageMagick-6.7.8-9/configure 2016-06-02 13:50:26.856908696 +0200
+@@ -725,7 +725,6 @@ ILBMEncodeDelegate
+ ILBMDecodeDelegate
+ HTMLDecodeDelegate
+ HPGLDecodeDelegate
+-GnuplotDecodeDelegate
+ MogrifyDelegate
+ DisplayDelegate
+ ConvertDelegate
+@@ -32794,7 +32793,6 @@ FIGDecodeDelegateDefault='fig2dev'
+ ConvertDelegateDefault=`echo convert | sed ${configure_transform_name}`
+ DisplayDelegateDefault=`echo display | sed ${configure_transform_name}`
+ MogrifyDelegateDefault=`echo mogrify | sed ${configure_transform_name}`
+-GnuplotDecodeDelegateDefault='gnuplot'
+ HPGLDecodeDelegateDefault='hp2xx'
+ HTMLDecodeDelegateDefault='html2ps'
+ ILBMDecodeDelegateDefault='ilbmtoppm'
+@@ -33445,48 +33443,6 @@ else
+ $as_echo "no" >&6; }
+ fi
+
+-
+-# Extract the first word of ""$GnuplotDecodeDelegateDefault"", so it can be a program name with args.
+-set dummy "$GnuplotDecodeDelegateDefault"; ac_word=$2
+-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+-$as_echo_n "checking for $ac_word... " >&6; }
+-if ${ac_cv_path_GnuplotDecodeDelegate+:} false; then :
+- $as_echo_n "(cached) " >&6
+-else
+- case $GnuplotDecodeDelegate in
+- [\\/]* | ?:[\\/]*)
+- ac_cv_path_GnuplotDecodeDelegate="$GnuplotDecodeDelegate" # Let the user override the test with a path.
+- ;;
+- *)
+- as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+-for as_dir in $PATH
+-do
+- IFS=$as_save_IFS
+- test -z "$as_dir" && as_dir=.
+- for ac_exec_ext in '' $ac_executable_extensions; do
+- if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then
+- ac_cv_path_GnuplotDecodeDelegate="$as_dir/$ac_word$ac_exec_ext"
+- $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+- break 2
+- fi
+-done
+- done
+-IFS=$as_save_IFS
+-
+- test -z "$ac_cv_path_GnuplotDecodeDelegate" && ac_cv_path_GnuplotDecodeDelegate=""$GnuplotDecodeDelegateDefault""
+- ;;
+-esac
+-fi
+-GnuplotDecodeDelegate=$ac_cv_path_GnuplotDecodeDelegate
+-if test -n "$GnuplotDecodeDelegate"; then
+- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $GnuplotDecodeDelegate" >&5
+-$as_echo "$GnuplotDecodeDelegate" >&6; }
+-else
+- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+-$as_echo "no" >&6; }
+-fi
+-
+-
+ # Extract the first word of ""$HPGLDecodeDelegateDefault"", so it can be a program name with args.
+ set dummy "$HPGLDecodeDelegateDefault"; ac_word=$2
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+@@ -34783,7 +34739,6 @@ if test "$with_frozenpaths" != 'yes'; th
+ EchoDelegate="$EchoDelegateDefault"
+ EditorDelegate="$EditorDelegateDefault"
+ FIGDecodeDelegate="$FIGDecodeDelegateDefault"
+- GnuplotDecodeDelegate="$GnuplotDecodeDelegateDefault"
+ HPGLDecodeDelegate="$HPGLDecodeDelegateDefault"
+ HTMLDecodeDelegate="$HTMLDecodeDelegateDefault"
+ ILBMDecodeDelegate="$ILBMDecodeDelegateDefault"
+@@ -34819,7 +34774,6 @@ fi
+
+
+
+-
+
+
+
+diff -up ImageMagick-6.7.8-9/Makefile.in.gnuplot-delegate-remove ImageMagick-6.7.8-9/Makefile.in
+--- ImageMagick-6.7.8-9/Makefile.in.gnuplot-delegate-remove 2012-08-10 14:41:20.000000000 +0200
++++ ImageMagick-6.7.8-9/Makefile.in 2016-06-02 13:46:27.392910453 +0200
+@@ -2534,7 +2534,6 @@ GS_LIBS = @GS_LIBS@
+ GVCDecodeDelegate = @GVCDecodeDelegate@
+ GVC_CFLAGS = @GVC_CFLAGS@
+ GVC_LIBS = @GVC_LIBS@
+-GnuplotDecodeDelegate = @GnuplotDecodeDelegate@
+ HPGLDecodeDelegate = @HPGLDecodeDelegate@
+ HTMLDecodeDelegate = @HTMLDecodeDelegate@
+ ILBMDecodeDelegate = @ILBMDecodeDelegate@
diff --git a/SOURCES/ImageMagick-icon-mem.patch b/SOURCES/ImageMagick-icon-mem.patch
new file mode 100644
index 0000000..a2d2a62
--- /dev/null
+++ b/SOURCES/ImageMagick-icon-mem.patch
@@ -0,0 +1,12 @@
+diff -up ImageMagick-6.7.8-9/coders/icon.c.icon-mem ImageMagick-6.7.8-9/coders/icon.c
+--- ImageMagick-6.7.8-9/coders/icon.c.icon-mem 2012-07-17 21:11:28.000000000 +0200
++++ ImageMagick-6.7.8-9/coders/icon.c 2016-06-02 16:18:24.366200378 +0200
+@@ -277,6 +277,8 @@ static Image *ReadICONImage(const ImageI
+ Icon image encoded as a compressed PNG image.
+ */
+ length=icon_file.directory[i].size;
++ if (~length < 16)
++ ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
+ png=(unsigned char *) AcquireQuantumMemory(length+16,sizeof(*png));
+ if (png == (unsigned char *) NULL)
+ ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
diff --git a/SOURCES/ImageMagick-null-pointer-access.patch b/SOURCES/ImageMagick-null-pointer-access.patch
new file mode 100644
index 0000000..b92df43
--- /dev/null
+++ b/SOURCES/ImageMagick-null-pointer-access.patch
@@ -0,0 +1,34 @@
+diff -up ImageMagick-6.7.8-9/magick/constitute.c.null-pointer-access ImageMagick-6.7.8-9/magick/constitute.c
+--- ImageMagick-6.7.8-9/magick/constitute.c.null-pointer-access 2012-07-29 22:26:50.000000000 +0200
++++ ImageMagick-6.7.8-9/magick/constitute.c 2016-06-02 17:32:26.990718329 +0200
+@@ -1324,7 +1324,7 @@ MagickExport MagickBooleanType WriteImag
+ status;
+
+ register Image
+- *p;
++ *p, *next_p;
+
+ assert(image_info != (const ImageInfo *) NULL);
+ assert(image_info->signature == MagickSignature);
+@@ -1349,8 +1349,11 @@ MagickExport MagickBooleanType WriteImag
+ sans_exception);
+ sans_exception=DestroyExceptionInfo(sans_exception);
+ p=images;
+- for ( ; GetNextImageInList(p) != (Image *) NULL; p=GetNextImageInList(p))
+- if (p->scene >= GetNextImageInList(p)->scene)
++ for ( ; GetNextImageInList(p) != (Image *) NULL; p=GetNextImageInList(p)) {
++ next_p = GetNextImageInList(p);
++ if (next_p == (Image *) NULL)
++ break;
++ if (p->scene >= next_p->scene)
+ {
+ register ssize_t
+ i;
+@@ -1363,6 +1366,7 @@ MagickExport MagickBooleanType WriteImag
+ p->scene=(size_t) i++;
+ break;
+ }
++ }
+ /*
+ Write images.
+ */
diff --git a/SOURCES/ImageMagick-pict-doublefree.patch b/SOURCES/ImageMagick-pict-doublefree.patch
new file mode 100644
index 0000000..ff744ae
--- /dev/null
+++ b/SOURCES/ImageMagick-pict-doublefree.patch
@@ -0,0 +1,44 @@
+From 0f6fc2d5bf8f500820c3dbcf0d23ee14f2d9f734 Mon Sep 17 00:00:00 2001
+From: cristy <urban-warrior@git.imagemagick.org>
+Date: Sat, 30 May 2015 00:49:11 +0000
+Subject: [PATCH]
+
+diff --git a/coders/pict.c b/coders/pict.c
+index 4f51eb3..027119d 100644
+--- a/coders/pict.c
++++ b/coders/pict.c
+@@ -1637,6 +1637,7 @@ static MagickBooleanType WritePICTImage(const ImageInfo *image_info,
+ size_t
+ bytes_per_line,
+ count,
++ row_bytes,
+ storage_class;
+
+ ssize_t
+@@ -1649,7 +1650,6 @@ static MagickBooleanType WritePICTImage(const ImageInfo *image_info,
+
+ unsigned short
+ base_address,
+- row_bytes,
+ transfer_mode;
+
+ /*
+@@ -1681,7 +1681,7 @@ static MagickBooleanType WritePICTImage(const ImageInfo *image_info,
+ source_rectangle=size_rectangle;
+ destination_rectangle=size_rectangle;
+ base_address=0xff;
+- row_bytes=(unsigned short) (image->columns | 0x8000);
++ row_bytes=image->columns;
+ bounds.top=0;
+ bounds.left=0;
+ bounds.bottom=(short) image->rows;
+@@ -1711,7 +1711,7 @@ static MagickBooleanType WritePICTImage(const ImageInfo *image_info,
+ pixmap.bits_per_pixel=32;
+ pixmap.pack_type=0x04;
+ transfer_mode=0x40;
+- row_bytes=(unsigned short) ((4*image->columns) | 0x8000);
++ row_bytes=4*image->columns;
+ }
+ /*
+ Allocate memory.
+
diff --git a/SOURCES/ImageMagick-splice-crash.patch b/SOURCES/ImageMagick-splice-crash.patch
new file mode 100644
index 0000000..9b6a59f
--- /dev/null
+++ b/SOURCES/ImageMagick-splice-crash.patch
@@ -0,0 +1,69 @@
+diff -up ImageMagick-6.7.8-9/magick/transform.c.splice-crash ImageMagick-6.7.8-9/magick/transform.c
+--- ImageMagick-6.7.8-9/magick/transform.c.splice-crash 2012-06-20 15:03:21.000000000 +0200
++++ ImageMagick-6.7.8-9/magick/transform.c 2016-06-02 17:40:43.860641940 +0200
+@@ -65,6 +65,7 @@
+ #include "magick/string_.h"
+ #include "magick/thread-private.h"
+ #include "magick/transform.h"
++#define MagickMin(x,y) (((x) < (y)) ? (x) : (y))
+ �
+ /*
+ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+@@ -1646,6 +1647,7 @@ MagickExport Image *SpliceImage(const Im
+ splice_geometry;
+
+ ssize_t
++ columns,
+ y;
+
+ /*
+@@ -1730,6 +1732,7 @@ MagickExport Image *SpliceImage(const Im
+ */
+ status=MagickTrue;
+ progress=0;
++ columns=MagickMin(splice_geometry.x,(ssize_t) splice_image->columns);
+ image_view=AcquireVirtualCacheView(image,exception);
+ splice_view=AcquireAuthenticCacheView(splice_image,exception);
+ #if defined(MAGICKCORE_OPENMP_SUPPORT)
+@@ -1753,7 +1756,8 @@ MagickExport Image *SpliceImage(const Im
+
+ if (status == MagickFalse)
+ continue;
+- p=GetCacheViewVirtualPixels(image_view,0,y,image->columns,1,exception);
++ p=GetCacheViewVirtualPixels(image_view,0,y,splice_image->columns,1,
++ exception);
+ q=QueueCacheViewAuthenticPixels(splice_view,0,y,splice_image->columns,1,
+ exception);
+ if ((p == (const PixelPacket *) NULL) || (q == (PixelPacket *) NULL))
+@@ -1763,7 +1767,7 @@ MagickExport Image *SpliceImage(const Im
+ }
+ indexes=GetCacheViewAuthenticIndexQueue(image_view);
+ splice_indexes=GetCacheViewAuthenticIndexQueue(splice_view);
+- for (x=0; x < splice_geometry.x; x++)
++ for (x=0; x < columns; x++)
+ {
+ SetPixelRed(q,GetPixelRed(p));
+ SetPixelGreen(q,GetPixelGreen(p));
+@@ -1833,10 +1837,10 @@ MagickExport Image *SpliceImage(const Im
+
+ if (status == MagickFalse)
+ continue;
+- p=GetCacheViewVirtualPixels(image_view,0,y-(ssize_t) splice_geometry.height,
+- image->columns,1,exception);
+- if ((y < 0) || (y >= (ssize_t) splice_image->rows))
++ if ((y < 0) || (y >= (ssize_t)splice_image->rows))
+ continue;
++ p=GetCacheViewVirtualPixels(image_view,0,y-(ssize_t) splice_geometry.height,
++ splice_image->columns,1,exception);
+ q=QueueCacheViewAuthenticPixels(splice_view,0,y,splice_image->columns,1,
+ exception);
+ if ((p == (const PixelPacket *) NULL) || (q == (PixelPacket *) NULL))
+@@ -1846,7 +1850,7 @@ MagickExport Image *SpliceImage(const Im
+ }
+ indexes=GetCacheViewAuthenticIndexQueue(image_view);
+ splice_indexes=GetCacheViewAuthenticIndexQueue(splice_view);
+- for (x=0; x < splice_geometry.x; x++)
++ for (x=0; x < columns; x++)
+ {
+ SetPixelRed(q,GetPixelRed(p));
+ SetPixelGreen(q,GetPixelGreen(p));
diff --git a/SPECS/ImageMagick.spec b/SPECS/ImageMagick.spec
index b403e64..80c28e3 100644
--- a/SPECS/ImageMagick.spec
+++ b/SPECS/ImageMagick.spec
@@ -3,7 +3,7 @@
Name: ImageMagick
Version: %{VER}.%{Patchlevel}
-Release: 13%{?dist}
+Release: 15%{?dist}
Summary: An X application for displaying and manipulating images
Group: Applications/Multimedia
License: ImageMagick
@@ -14,6 +14,13 @@ Patch0: 0001-Fix-man-page-scan-results.patch
Patch1: 0001-Fix-CVE-2014-1947-CVE-2014-2030.patch
Patch2: 0002-1303227-fix-exr-crash.patch
Patch3: ImageMagick-cve-2016-3717.patch
+Patch4: ImageMagick-cve-2016-5118.patch
+Patch5: ImageMagick-pict-doublefree.patch
+Patch6: ImageMagick-gnuplot-delegate-remove.diff
+Patch7: ImageMagick-icon-mem.patch
+Patch8: ImageMagick-splice-crash.patch
+Patch9: ImageMagick-null-pointer-access.patch
+Patch10: ImageMagick-cve-2016-5240.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: bzip2-devel, freetype-devel, libjpeg-devel, libpng-devel
@@ -131,6 +138,13 @@ cp -p Magick++/demo/*.cpp Magick++/demo/*.miff Magick++/examples
%patch1 -p1
%patch2 -p1
%patch3 -p1 -z .cve-2016-3717
+%patch4 -p1 -b .cve-2016-5118
+%patch5 -p1 -b .pict-doublefree
+%patch6 -p1 -b .gnuplot-delegate-remove
+%patch7 -p1 -b .icon-mem
+%patch8 -p1 -b .splice-crash
+%patch9 -p1 -b .null-pointer-access
+%patch10 -p1 -b .cve-2016-5240
%build
%configure --enable-shared \
@@ -285,6 +299,10 @@ rm -rf %{buildroot}
%doc PerlMagick/demo/ PerlMagick/Changelog PerlMagick/README.txt
%changelog
+* Thu Jun 2 2016 Jan Horak <jhorak@redhat.com> - 6.7.8.9-15
+- Added fix for CVE-2016-5118, CVE-2016-5240, rhbz#1269562,
+ rhbz#1326834, rhbz#1334188, rhbz#1269553
+
* Thu May 5 2016 Jan Horak <jhorak@redhat.com> - 6.7.8.9-13
- Add fix for CVE-2016-3714, CVE-2016-3715, CVE-2016-3716, CVE-2016-3717