Petr Gajdos
510a4faec3
* correct previous patch to read planar RGB TIFF images.
* Repair unit test failures (reference
https://github.com/ImageMagick/ImageMagick/issues/2959).
* support YAML image format.
* use generic TIFF read method for LZW-compressed strips (reference
https://github.com/ImageMagick/ImageMagick/discussions/2935).
* possible TIFF related-heap buffer overflow (alert & POC by Hardik Shah).
* set default system font in policy.xml configuration file.
* support portable float map format 16-bit half.
- modified patches
% ImageMagick-configuration-SUSE.patch (refreshed)
OBS-URL: https://build.opensuse.org/package/show/graphics/ImageMagick?expand=0&rev=538
27 lines
1.4 KiB
Diff
27 lines
1.4 KiB
Diff
--- policy.xml.orig 2020-11-23 12:47:05.000000000 +0100
|
|
+++ policy.xml 2020-11-24 15:42:58.102090000 +0100
|
|
@@ -79,4 +79,23 @@
|
|
<!-- <policy domain="system" name="shred" value="2"/> -->
|
|
<!-- <policy domain="system" name="precision" value="6"/> -->
|
|
<!-- <policy domain="system" name="font" value="/path/to/font.ttf"/> -->
|
|
+ <!-- Disable insecure coders by default -->
|
|
+ <!-- https://bugzilla.suse.com/show_bug.cgi?id=978061 -->
|
|
+ <policy domain="coder" rights="none" pattern="EPHEMERAL" />
|
|
+ <policy domain="coder" rights="none" pattern="URL" />
|
|
+ <policy domain="coder" rights="none" pattern="HTTPS" />
|
|
+ <policy domain="coder" rights="none" pattern="MVG" />
|
|
+ <policy domain="coder" rights="none" pattern="MSL" />
|
|
+ <policy domain="coder" rights="none" pattern="TEXT" />
|
|
+ <policy domain="coder" rights="none" pattern="SHOW" />
|
|
+ <policy domain="coder" rights="none" pattern="WIN" />
|
|
+ <policy domain="coder" rights="none" pattern="PLT" />
|
|
+ <policy domain="coder" rights="write" pattern="PS" />
|
|
+ <policy domain="coder" rights="write" pattern="PS2" />
|
|
+ <policy domain="coder" rights="write" pattern="PS3" />
|
|
+ <policy domain="coder" rights="write" pattern="PDF" />
|
|
+ <policy domain="coder" rights="write" pattern="XPS" />
|
|
+ <policy domain="coder" rights="write" pattern="EPS" />
|
|
+ <policy domain="coder" rights="write" pattern="PCL" />
|
|
+ <policy domain="path" rights="none" pattern="@*"/
|
|
</policymap>
|