wok-current rev 19107

imagemagick: CVE-2016-3714 workaround
author Pascal Bellard <pascal.bellard@slitaz.org>
date Thu May 05 21:19:10 2016 +0200 (2016-05-05)
parents e96b9982c405
children 8c9f4d4c6626
files imagemagick/receipt
line diff
     1.1 --- a/imagemagick/receipt	Thu May 05 13:16:00 2016 +0200
     1.2 +++ b/imagemagick/receipt	Thu May 05 21:19:10 2016 +0200
     1.3 @@ -48,5 +48,18 @@
     1.4  	cp -a $install/usr/lib/*.so* $fs/usr/lib
     1.5  	cp -a $install/usr/lib/$SOURCE-$SHORT_VERSION $fs/usr/lib
     1.6  	cp -a $install/usr/share/$SOURCE-* $fs/usr/share
     1.7 +
     1.8 +	# CVE-2016-3714 work around v5
     1.9 +	sed -i '/<policymap>/r/dev/stdin' $fs/etc/ImageMagick-6/policy.xml <<EOT
    1.10 +  <policy domain="coder" rights="none" pattern="EPHEMERAL" />
    1.11 +  <policy domain="coder" rights="none" pattern="URL" />
    1.12 +  <policy domain="coder" rights="none" pattern="HTTPS" />
    1.13 +  <policy domain="coder" rights="none" pattern="MVG" />
    1.14 +  <policy domain="coder" rights="none" pattern="MSL" />
    1.15 +  <policy domain="coder" rights="none" pattern="TEXT" />
    1.16 +  <policy domain="coder" rights="none" pattern="SHOW" />
    1.17 +  <policy domain="coder" rights="none" pattern="WIN" />
    1.18 +  <policy domain="coder" rights="none" pattern="PLT" />
    1.19 +EOT
    1.20  }
    1.21