pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/graphics/ImageMagick ImageMagick: Disable ghostscript ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/81b6edb5bc36
branches:  trunk
changeset: 312045:81b6edb5bc36
user:      leot <leot%pkgsrc.org@localhost>
date:      Wed Aug 22 13:39:24 2018 +0000

description:
ImageMagick: Disable ghostscript coders by default in policy.xml

Disable ghostscript coders in policy.xml as a workaround for
VU#332928 (<https://www.kb.cert.org/vuls/id/332928>).

Please note that apart commenting/removing lines added in policy.xml,
the ghostscript coders can be enabled per-user by copying policy.xml
to ~/.config/ImageMagick/policy.xml and adjusting it with the
following lines:

  | [...]
  | <policy domain="coder" rights="read|write" pattern="PS" />
  | <policy domain="coder" rights="read|write" pattern="EPS" />
  | <policy domain="coder" rights="read|write" pattern="PDF" />
  | <policy domain="coder" rights="read|write" pattern="XPS" />
  | [...]

Bump PKGREVISION

diffstat:

 graphics/ImageMagick/Makefile                        |   4 +-
 graphics/ImageMagick/distinfo                        |   3 +-
 graphics/ImageMagick/patches/patch-config_policy.xml |  22 ++++++++++++++++++++
 3 files changed, 26 insertions(+), 3 deletions(-)

diffs (50 lines):

diff -r fc782d2f737e -r 81b6edb5bc36 graphics/ImageMagick/Makefile
--- a/graphics/ImageMagick/Makefile     Wed Aug 22 13:38:15 2018 +0000
+++ b/graphics/ImageMagick/Makefile     Wed Aug 22 13:39:24 2018 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.245 2018/08/22 09:45:10 wiz Exp $
+# $NetBSD: Makefile,v 1.246 2018/08/22 13:39:24 leot Exp $
 
-PKGREVISION= 1
+PKGREVISION= 2
 .include "Makefile.common"
 
 PKGNAME=       ImageMagick-${DISTVERSION}
diff -r fc782d2f737e -r 81b6edb5bc36 graphics/ImageMagick/distinfo
--- a/graphics/ImageMagick/distinfo     Wed Aug 22 13:38:15 2018 +0000
+++ b/graphics/ImageMagick/distinfo     Wed Aug 22 13:39:24 2018 +0000
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.190 2018/08/16 08:23:16 wiz Exp $
+$NetBSD: distinfo,v 1.191 2018/08/22 13:39:24 leot Exp $
 
 SHA1 (ImageMagick-7.0.8-10.tar.xz) = c69fb5b1ec2d04711a98df8762926a37e3f13bc5
 RMD160 (ImageMagick-7.0.8-10.tar.xz) = 9e5339d7e4f2dbc42090cd8394bca5b97dc485ba
 SHA512 (ImageMagick-7.0.8-10.tar.xz) = a4869e0a9be5e04c04fcd1fce5c4141d63968ee7f1dd78d84724921f2f088bdcea8c3b3799e1ff555a2a04dec32a1fb7c4a1e6053a6185e9a36c6ae0f1b9c6ed
 Size (ImageMagick-7.0.8-10.tar.xz) = 8635496 bytes
+SHA1 (patch-config_policy.xml) = 2b7e37cc8fedb0d06502ba1d7e65a5aea9d6ec96
diff -r fc782d2f737e -r 81b6edb5bc36 graphics/ImageMagick/patches/patch-config_policy.xml
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/ImageMagick/patches/patch-config_policy.xml      Wed Aug 22 13:39:24 2018 +0000
@@ -0,0 +1,22 @@
+$NetBSD: patch-config_policy.xml,v 1.1 2018/08/22 13:39:24 leot Exp $
+
+Disable ghostscript coders by default to workaround VU#332928:
+<https://www.kb.cert.org/vuls/id/332928>
+
+--- config/policy.xml.orig     2018-08-13 11:05:28.000000000 +0000
++++ config/policy.xml
+@@ -74,4 +74,14 @@
+   <!-- <policy domain="cache" name="memory-map" value="anonymous"/> -->
+   <!-- <policy domain="cache" name="synchronize" value="True"/> -->
+   <!-- <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/> -->
++
++  <!-- 
++    -- Disable ghostscript coders as suggested by VU#332928
++    --  <https://www.kb.cert.org/vuls/id/332928>
++    -->
++  <policy domain="coder" rights="none" pattern="PS" />
++  <policy domain="coder" rights="none" pattern="EPS" />
++  <policy domain="coder" rights="none" pattern="PDF" />
++  <policy domain="coder" rights="none" pattern="XPS" />
++
+ </policymap>



Home | Main Index | Thread Index | Old Index