ImageMagick/ImageMagick-6.8.8-1-disable-insecure-coders.patch
Petr Gajdos 6d2fad2b57 - updated to 6.9.4-5:
  * Most OpenCL operations are now executed asynchronously.
  * Security improvements to TEXT coder broke it (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29754).
  * Fix stroke offset problem for -annotate (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29626).
  * Add additional checks to DCM reader to prevent data-driven faults (bug
    report from Hanno Böck).
  * Fixed proper placement of text annotation for east / west gravity.
2016-05-15  6.9.4-3 Cristy  <quetzlzacatenango@image...>
  * Fix pixel cache on disk regression (reference
    https://github.com/ImageMagick/ImageMagick/issues/202).
  * Quote passwords when passed to a delegate program.
  * Can read geo-related EXIF metadata once again (reference
    https://github.com/ImageMagick/ImageMagick/issues/198).
  * Sanitize all delegate embedded formatting characters.
  * Don't sync pixel cache in AcquireAuthenticCacheView() (bug report from
    Hanno Böck).
    + ImageMagick-CVE-2016-5118.patch

OBS-URL: https://build.opensuse.org/package/show/graphics/ImageMagick?expand=0&rev=257
2016-05-31 08:38:38 +00:00


Index: ImageMagick-6.9.4-5/config/policy.xml
===================================================================
--- ImageMagick-6.9.4-5.orig/config/policy.xml 2016-05-31 10:30:53.221396378 +0200
+++ ImageMagick-6.9.4-5/config/policy.xml 2016-05-31 10:31:24.605900830 +0200
@@ -66,4 +66,15 @@
<!-- <policy domain="path" rights="none" pattern="@*" /> -->
<!-- <policy domain="path" rights="none" pattern="|*" /> -->
<policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/>
+ <!-- Disable insecure coders by default -->
+ <!-- https://bugzilla.suse.com/show_bug.cgi?id=978061 -->
+ <policy domain="coder" rights="none" pattern="EPHEMERAL" />
+ <policy domain="coder" rights="none" pattern="URL" />
+ <policy domain="coder" rights="none" pattern="HTTPS" />
+ <policy domain="coder" rights="none" pattern="MVG" />
+ <policy domain="coder" rights="none" pattern="MSL" />
+ <policy domain="coder" rights="none" pattern="TEXT" />
+ <policy domain="coder" rights="none" pattern="SHOW" />
+ <policy domain="coder" rights="none" pattern="WIN" />
+ <policy domain="coder" rights="none" pattern="PLT" />
</policymap>
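
Review bot: The coder list added before `</policymap>` denies URL and HTTPS but has no entry for HTTP or FTP, so either add matching lines such as `<policy domain="coder" rights="none" pattern="HTTP" />` or say in the comment that the URL pattern is expected to cover them. The comment "Disable insecure coders by default" carries only the bug link; a line explaining why TEXT, SHOW, WIN and PLT are denied alongside the network and scripting coders, and how an administrator re-enables a single coder, would help whoever maintains this file later. The two `domain="path"` rules for `@*` and `|*` in the context lines above stay commented out, so it is worth confirming that is intended given what this patch is hardening.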