wok rev 19107
imagemagick: CVE-2016-3714 workaround
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Thu May 05 21:19:10 2016 +0200 (2016-05-05) |
| parents | e96b9982c405 |
| children | 8c9f4d4c6626 |
| files | imagemagick/receipt |
line diff
1.1 --- a/imagemagick/receipt Thu May 05 13:16:00 2016 +0200 1.2 +++ b/imagemagick/receipt Thu May 05 21:19:10 2016 +0200 1.3 @@ -48,5 +48,18 @@ 1.4 cp -a $install/usr/lib/*.so* $fs/usr/lib 1.5 cp -a $install/usr/lib/$SOURCE-$SHORT_VERSION $fs/usr/lib 1.6 cp -a $install/usr/share/$SOURCE-* $fs/usr/share 1.7 + 1.8 + # CVE-2016-3714 work around v5 1.9 + sed -i '/<policymap>/r/dev/stdin' $fs/etc/ImageMagick-6/policy.xml <<EOT 1.10 + <policy domain="coder" rights="none" pattern="EPHEMERAL" /> 1.11 + <policy domain="coder" rights="none" pattern="URL" /> 1.12 + <policy domain="coder" rights="none" pattern="HTTPS" /> 1.13 + <policy domain="coder" rights="none" pattern="MVG" /> 1.14 + <policy domain="coder" rights="none" pattern="MSL" /> 1.15 + <policy domain="coder" rights="none" pattern="TEXT" /> 1.16 + <policy domain="coder" rights="none" pattern="SHOW" /> 1.17 + <policy domain="coder" rights="none" pattern="WIN" /> 1.18 + <policy domain="coder" rights="none" pattern="PLT" /> 1.19 +EOT 1.20 } 1.21