ImageMagick/ImageMagick-disable-insecure-coders.patch
Petr Gajdos 0a99fb041c - updated to 7.0.6-0
* coders/png.c: Accept exIf chunks whose data segment
    erroneously begins with "Exif\0\0".
  * Introduce SetMagickSecurityPolicy() (MagickCore) and
    MagickSetSecurityPolicy() (MagickWand) to set the ImageMagick security
    policy (reference https://github.com/ImageMagick/ImageMagick/issues/407).
  * Removed experimental PNG zxIF chunk support; the proposal is dead.
  * Fix choppy bitmap font rendering (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32071).
  * The +opaque option is no longer a noop (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32081).
  * Add support for 'hex:' property.
  * Transient error validating the JPEG-2000 image format (reference
    https://github.com/ImageMagick/ImageMagick/issues/501).
  * Properly allocate DCM image colormap (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=32063).
  * Improper allocation of memory for IM instances without threads (reference
    https://github.com/ImageMagick/ImageMagick/issues/497).
  * Delete corrupt image from list (reference
    https://github.com/ImageMagick/ImageMagick/issues/500).
  * Support various image operators for the compare utility (reference
    https://www.imagemagick.org/discourse-server/viewtopic.php?f=2&t=31938).

OBS-URL: https://build.opensuse.org/package/show/graphics/ImageMagick?expand=0&rev=289
2017-06-28 07:44:52 +00:00


Index: ImageMagick-7.0.6-0/config/policy.xml
===================================================================
--- ImageMagick-7.0.6-0.orig/config/policy.xml 2017-06-28 09:11:49.170299620 +0200
+++ ImageMagick-7.0.6-0/config/policy.xml 2017-06-28 09:13:16.191813685 +0200
@@ -76,4 +76,15 @@
<!-- <policy domain="cache" name="memory-map" value="anonymous"/> -->
<!-- <policy domain="cache" name="synchronize" value="True"/> -->
<!-- <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/> -->
+ <!-- Disable insecure coders by default -->
+ <!-- https://bugzilla.suse.com/show_bug.cgi?id=978061 -->
+ <policy domain="coder" rights="none" pattern="EPHEMERAL" />
+ <policy domain="coder" rights="none" pattern="URL" />
+ <policy domain="coder" rights="none" pattern="HTTPS" />
+ <policy domain="coder" rights="none" pattern="MVG" />
+ <policy domain="coder" rights="none" pattern="MSL" />
+ <policy domain="coder" rights="none" pattern="TEXT" />
+ <policy domain="coder" rights="none" pattern="SHOW" />
+ <policy domain="coder" rights="none" pattern="WIN" />
+ <policy domain="coder" rights="none" pattern="PLT" />
</policymap>
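Review bot: the added block denies `HTTPS` explicitly next to `URL` but has no line for plain `HTTP` or `FTP`. If the `URL` pattern is not intended to cover those, add matching `rights="none"` entries; if it is, say so in the comment so the asymmetry does not look like an omission. The only rationale given is the Bugzilla link in the second comment line, so a short per-pattern reason (in particular for `TEXT`, `SHOW`, `WIN` and `PLT`) would let an administrator who needs to re-enable one coder judge the risk without opening the bug. It would also help to note in the comment that these are distribution defaults appended to the upstream `policy.xml`, so that local edits are not mistaken for upstream policy.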