jcgruenhage/void-packages
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

ImageMagick: fix CVE-2016–3714

Browse source
This commit is contained in:
Alessio Sergi 2016-05-04 10:24:49 +02:00
parent 9c795df951
commit 34d94d09e6
2 changed files with 25 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
srcpkgs/ImageMagick/patches/CVE-2016-3714.patch Normal file
View file

@ -0,0 +1,24 @@
https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588
--- config/delegates.xml.in.orig 2016-05-03 23:36:18.581813000 +0200
+++ config/delegates.xml.in 2016-05-03 23:36:26.858835000 +0200
@@ -88,7 +88,6 @@
<delegate decode="hpgl" command="&quot;@HPGLDecodeDelegate@&quot; -q -m eps -f `basename &quot;%o&quot;` &quot;%i&quot;; mv -f `basename &quot;%o&quot;` &quot;%o&quot;"/>
<delegate decode="htm" command="&quot;@HTMLDecodeDelegate@&quot; -U -o &quot;%o&quot; &quot;%i&quot;"/>
<delegate decode="html" command="&quot;@HTMLDecodeDelegate@&quot; -U -o &quot;%o&quot; &quot;%i&quot;"/>
- <delegate decode="https" command="&quot;@WWWDecodeDelegate@&quot; -s -k -L -o &quot;%o&quot; &quot;https:%F&quot;"/>
<delegate decode="ilbm" command="&quot;@ILBMDecodeDelegate@&quot; &quot;%i&quot; &gt; &quot;%o&quot;"/>
<delegate decode="jxr" command="mv &quot;%i&quot; &quot;%i.jxr&quot;; &quot;@JXRDecodeDelegate@&quot; -i &quot;%i.jxr&quot; -o &quot;%o.bmp&quot; -c 0; mv &quot;%i.jxr&quot; &quot;%i&quot;; mv &quot;%o.bmp&quot; &quot;%o&quot;"/>
<delegate decode="man" command="&quot;@MANDelegate@&quot; -man -Tps &quot;%i&quot; &gt; &quot;%o&quot;"/>
--- config/policy.xml.orig 2016-05-03 23:18:45.652543000 +0200
+++ config/policy.xml 2016-05-03 23:19:23.818471000 +0200
@@ -58,4 +58,9 @@
<!-- <policy domain="resource" name="time" value="3600"/> -->
<!-- <policy domain="system" name="precision" value="6"/> -->
<policy domain="cache" name="shared-secret" value="passphrase"/>
+ <policy domain="coder" rights="none" pattern="EPHEMERAL" />
+ <policy domain="coder" rights="none" pattern="URL" />
+ <policy domain="coder" rights="none" pattern="HTTPS" />
+ <policy domain="coder" rights="none" pattern="MVG" />
+ <policy domain="coder" rights="none" pattern="MSL" />
</policymap>

2
srcpkgs/ImageMagick/template
View file

@ -3,7 +3,7 @@ pkgname=ImageMagick
_majorver=6.9.3
_patchver=9
version=${_majorver}.${_patchver}
revision=1
revision=2
wrksrc=${pkgname}-${_majorver}-${_patchver}
build_style=gnu-configure
configure_args="--without-autotrace --with-wmf=yes