[packages/ImageMagick] policy.xml changes to mitigate imagetragick

glen Thu, 26 May 2016 07:44:48 -0700

commit b721b050c0cd63ad00f987bc3a6389ac2a7282e0
Author: Elan Ruusamäe <[email protected]>
Date:   Thu May 26 17:43:23 2016 +0300


    policy.xml changes to mitigate imagetragick
    
    recommended config from https://imagetragick.com/

 ImageMagick.spec |  4 +++-
 config.patch     | 19 +++++++++++++++++++
 2 files changed, 22 insertions(+), 1 deletion(-)
---
diff --git a/ImageMagick.spec b/ImageMagick.spec
index d43816b..e311d01 100644
--- a/ImageMagick.spec
+++ b/ImageMagick.spec
@@ -33,12 +33,13 @@ Summary(tr.UTF-8):  X altında resim gösterme, çevirme ve 
değişiklik yapma
 Summary(uk.UTF-8):     Перегляд, конвертування та обробка зображень під X 
Window
 Name:          ImageMagick
 Version:       %{ver}%{?pver:.%{pver}}
-Release:       1
+Release:       2
 Epoch:         1
 License:       Apache-like
 Group:         X11/Applications/Graphics
 Source0:       
ftp://ftp.imagemagick.org/pub/ImageMagick/%{name}-%{ver}-%{pver}.tar.xz
 # Source0-md5: 430d33915b19f38012b55f98904c4f37
+Patch0:                config.patch
 Patch1:                %{name}-link.patch
 Patch2:                %{name}-libpath.patch
 Patch3:                %{name}-ldflags.patch
@@ -657,6 +658,7 @@ Moduł kodera dla plików WMF.
 
 %prep
 %setup -q -n %{name}-%{ver}-%{pver}
+%patch0 -p1
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
diff --git a/config.patch b/config.patch
new file mode 100644
index 0000000..efe62fc
--- /dev/null
+++ b/config.patch
@@ -0,0 +1,19 @@
+--- ImageMagick-6.9.4-1/config/policy.xml      2016-05-09 20:28:58.000000000 
+0300
++++ ImageMagick-6.9.4-1/config/policy.xml.new  2016-05-26 17:37:36.934136236 
+0300
+@@ -61,7 +57,14 @@
+   <!-- <policy domain="resource" name="throttle" value="0"/> -->
+   <!-- <policy domain="resource" name="time" value="3600"/> -->
+   <!-- <policy domain="system" name="precision" value="6"/> -->
+-  <!-- <policy domain="coder" rights="none" pattern="HTTPS" /> -->
+-  <!-- <policy domain="path" rights="none" pattern="@*" /> -->
++  <policy domain="coder" rights="none" pattern="EPHEMERAL" />
++  <policy domain="coder" rights="none" pattern="URL" />
++  <policy domain="coder" rights="none" pattern="HTTPS" />
++  <policy domain="coder" rights="none" pattern="MVG" />
++  <policy domain="coder" rights="none" pattern="MSL" />
++  <policy domain="coder" rights="none" pattern="TEXT" />
++  <policy domain="coder" rights="none" pattern="SHOW" />
++  <policy domain="coder" rights="none" pattern="WIN" />
++  <policy domain="coder" rights="none" pattern="PLT" />
+   <policy domain="cache" name="shared-secret" value="passphrase"/>
+ </policymap>
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/ImageMagick.git/commitdiff/b721b050c0cd63ad00f987bc3a6389ac2a7282e0

_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit

[packages/ImageMagick] policy.xml changes to mitigate imagetragick

Reply via email to