- diff -Nur before/ImageMagick-6.8.8-1-disable-insecure-coders.patch after/ImageMagick-6.8.8-1-disable-insecure-coders.patch
- --- before/ImageMagick-6.8.8-1-disable-insecure-coders.patch 1970-01-01 01:00:00.000000000 +0100
- +++ after/ImageMagick-6.8.8-1-disable-insecure-coders.patch 2016-05-07 09:44:35.000000000 +0200
- @@ -0,0 +1,23 @@
- +Disable insecure loaders by default bsc#978061
- +sflees@suse.de
- +
- +Index: ImageMagick-6.8.8-1/config/policy.xml
- +===================================================================
- +--- ImageMagick-6.8.8-1.orig/config/policy.xml 2013-01-14 14:57:39.000000000 +0100
- ++++ ImageMagick-6.8.8-1/config/policy.xml 2016-05-06 10:03:49.137177736 +0200
- +@@ -56,4 +56,15 @@
- + <!-- <policy domain="resource" name="time" value="3600"/> -->
- + <!-- <policy domain="system" name="precision" value="6"/> -->
- + <policy domain="cache" name="shared-secret" value="passphrase"/>
- ++ <!-- Disable insecure coders by default -->
- ++ <!-- https://bugzilla.suse.com/show_bug.cgi?id=978061 -->
- ++ <policy domain="coder" rights="none" pattern="EPHEMERAL" />
- ++ <policy domain="coder" rights="none" pattern="URL" />
- ++ <policy domain="coder" rights="none" pattern="HTTPS" />
- ++ <policy domain="coder" rights="none" pattern="MVG" />
- ++ <policy domain="coder" rights="none" pattern="MSL" />
- ++ <policy domain="coder" rights="none" pattern="TEXT" />
- ++ <policy domain="coder" rights="none" pattern="SHOW" />
- ++ <policy domain="coder" rights="none" pattern="WIN" />
- ++ <policy domain="coder" rights="none" pattern="PLT" />
- + </policymap>
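Review bot: The new coder entries block `URL` and `HTTPS` but have no entries for `HTTP` or `FTP`, although the changelog in this same diff lists CVE-2016-3718, which concerns server-side requests made through those two coders. Whether `pattern="URL"` also covers them depends on whether this ImageMagick version matches the pattern against the module name or the format name, which is not visible here; adding `<policy domain="coder" rights="none" pattern="HTTP" />` and `<policy domain="coder" rights="none" pattern="FTP" />` would remove the doubt. The list also turns off `TEXT`, `SHOW`, `WIN` and `PLT`, which goes beyond the five coders usually named for this issue, so a comment saying why each is included would help whoever later needs to re-enable one. Since policy.xml is a configuration file, hosts that keep a locally edited copy on upgrade may not receive these lines; how the spec packages the file is outside this hunk.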
- Binary files before/ImageMagick-6.8.8.1-6.1.src.rpm and after/ImageMagick-6.8.8.1-6.1.src.rpm differ
- Binary files before/ImageMagick-6.8.8.1-9.1.src.rpm and after/ImageMagick-6.8.8.1-9.1.src.rpm differ
- diff -Nur before/ImageMagick.changes after/ImageMagick.changes
- --- before/ImageMagick.changes 2015-11-27 17:55:07.000000000 +0100
- +++ after/ImageMagick.changes 2016-05-07 09:44:36.000000000 +0200
- @@ -1,4 +1,16 @@
- -------------------------------------------------------------------
- +Wed May 4 03:32:47 UTC 2016 - sflees@suse.de
- +
- +- Use external svg loader (rsvg)
- +- Disable insecure coders [bnc#978061]
- + * ImageMagick-6.8.8-1-disable-insecure-coders.patch
- + * CVE-2016-3714
- + * CVE-2016-3715
- + * CVE-2016-3716
- + * CVE-2016-3717
- + * CVE-2016-3718
- +
- +-------------------------------------------------------------------
- Mon Oct 19 14:04:29 UTC 2015 - pgajdos@suse.com
- - fix default value of the image in pdf [bnc#950872]
- diff -Nur before/ImageMagick.spec after/ImageMagick.spec
- --- before/ImageMagick.spec 2015-11-28 16:06:50.000000000 +0100
- +++ after/ImageMagick.spec 2016-05-07 10:01:51.000000000 +0200
- @@ -1,7 +1,7 @@
- #
- # spec file for package ImageMagick
- #
- -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
- +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
- #
- # All modifications and additions to the file contributed by third parties
- # remain the property of their copyright owners, unless otherwise agreed
- @@ -52,7 +52,7 @@
- %define cxxlibver 3
- %define libspec -%{maj}_Q%{quantum_depth}
- Version: %{mfr_version}.%{mfr_revision}
- -Release: 6.1
- +Release: 9.1
- Summary: Viewer and Converter for Images
- License: ImageMagick
- Group: Productivity/Graphics/Other
- @@ -81,6 +81,7 @@
- Patch16: ImageMagick-CVE-2014-8354.patch
- Patch17: ImageMagick-CVE-2014-8716.patch
- Patch18: ImageMagick-pdf-img-compression.patch
- +Patch20: ImageMagick-6.8.8-1-disable-insecure-coders.patch
- BuildRoot: %{_tmppath}/%{name}-%{version}-build
- %package -n perl-PerlMagick
- @@ -153,6 +154,7 @@
- %patch16
- %patch17
- %patch18
- +%patch20 -p1
- %build
- export CFLAGS="$RPM_OPT_FLAGS"
- @@ -181,6 +183,7 @@
- --with-perl-options="INSTALLDIRS=vendor CC='%__cc -L$PWD/magick/.libs' LDDLFLAGS='-shared -L$PWD/magick/.libs'" \
- --disable-static \
- --with-djvu=yes \
- + --with-rsvg=yes \
- --with-wmf=yes \
- --with-quantum-depth=%{quantum_depth}
- # don't build together, PerlMagick could be miscompiled when using parallel build[1]
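Review bot: `--with-rsvg=yes` only takes effect if librsvg's development files are present at build time, and no matching `BuildRequires` change appears anywhere in this spec diff. As far as I know ImageMagick's configure does not abort when a requested delegate is missing, so the package could silently build with the internal SVG renderer, which appears to go through the MVG coder that the new policy disables. Confirm that the spec already carries a line such as `BuildRequires: librsvg-devel` (package name to be checked for this distribution), and consider checking the configure summary for the RSVG delegate in `%build`. The configure invocation starts and ends outside this hunk.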
- @@ -435,6 +438,15 @@
- %changelog
- +* Wed May 4 2016 sflees@suse.de
- +- Use external svg loader (rsvg)
- +- Disable insecure coders [bnc#978061]
- + * ImageMagick-6.8.8-1-disable-insecure-coders.patch
- + * CVE-2016-3714
- + * CVE-2016-3715
- + * CVE-2016-3716
- + * CVE-2016-3717
- + * CVE-2016-3718
- * Mon Oct 19 2015 pgajdos@suse.com
- - fix default value of the image in pdf [bnc#950872]
- * Tue Oct 6 2015 pgajdos@suse.com