svn commit: r414562 - in head/graphics: ImageMagick ImageMagick/files ImageMagick7 ImageMagick7/files
Koop Mast
kwm at FreeBSD.org
Tue May 3 21:52:34 UTC 2016
Author: kwm
Date: Tue May 3 21:52:32 2016
New Revision: 414562
URL: https://svnweb.freebsd.org/changeset/ports/414562
Log:
Disable EPHEMERAL, HTTPS, MVG and MSL coders until a a new release can be
made what fixes the CVE issues with these coders.
Obtained from: ImageMagick support forum
Security: CVE-2016-3714
Added:
head/graphics/ImageMagick/files/
head/graphics/ImageMagick/files/patch-config_delegates.xml.in (contents, props changed)
head/graphics/ImageMagick/files/patch-config_policy.xml (contents, props changed)
head/graphics/ImageMagick7/files/
head/graphics/ImageMagick7/files/patch-config_delegates.xml.in (contents, props changed)
head/graphics/ImageMagick7/files/patch-config_policy.xml (contents, props changed)
Modified:
head/graphics/ImageMagick/Makefile
head/graphics/ImageMagick7/Makefile
Modified: head/graphics/ImageMagick/Makefile
==============================================================================
--- head/graphics/ImageMagick/Makefile Tue May 3 21:27:18 2016 (r414561)
+++ head/graphics/ImageMagick/Makefile Tue May 3 21:52:32 2016 (r414562)
@@ -2,6 +2,7 @@
PORTNAME= ImageMagick
DISTVERSION= 6.9.3-9
+PORTREVISION= 1
PORTEPOCH= 1
CATEGORIES= graphics perl5
MASTER_SITES= http://www.imagemagick.org/download/ \
Added: head/graphics/ImageMagick/files/patch-config_delegates.xml.in
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/graphics/ImageMagick/files/patch-config_delegates.xml.in Tue May 3 21:52:32 2016 (r414562)
@@ -0,0 +1,10 @@
+--- config/delegates.xml.in.orig 2016-05-03 23:36:18.581813000 +0200
++++ config/delegates.xml.in 2016-05-03 23:36:26.858835000 +0200
+@@ -88,7 +88,6 @@
+ <delegate decode="hpgl" command=""@HPGLDecodeDelegate@" -q -m eps -f `basename "%o"` "%i"; mv -f `basename "%o"` "%o""/>
+ <delegate decode="htm" command=""@HTMLDecodeDelegate@" -U -o "%o" "%i""/>
+ <delegate decode="html" command=""@HTMLDecodeDelegate@" -U -o "%o" "%i""/>
+- <delegate decode="https" command=""@WWWDecodeDelegate@" -s -k -L -o "%o" "https:%F""/>
+ <delegate decode="ilbm" command=""@ILBMDecodeDelegate@" "%i" > "%o""/>
+ <delegate decode="jxr" command="mv "%i" "%i.jxr"; "@JXRDecodeDelegate@" -i "%i.jxr" -o "%o.bmp" -c 0; mv "%i.jxr" "%i"; mv "%o.bmp" "%o""/>
+ <delegate decode="man" command=""@MANDelegate@" -man -Tps "%i" > "%o""/>
Added: head/graphics/ImageMagick/files/patch-config_policy.xml
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/graphics/ImageMagick/files/patch-config_policy.xml Tue May 3 21:52:32 2016 (r414562)
@@ -0,0 +1,12 @@
+--- config/policy.xml.orig 2016-05-03 23:18:45.652543000 +0200
++++ config/policy.xml 2016-05-03 23:19:23.818471000 +0200
+@@ -58,4 +58,9 @@
+ <!-- <policy domain="resource" name="time" value="3600"/> -->
+ <!-- <policy domain="system" name="precision" value="6"/> -->
+ <policy domain="cache" name="shared-secret" value="passphrase"/>
++ <policy domain="coder" rights="none" pattern="EPHEMERAL" />
++ <policy domain="coder" rights="none" pattern="URL" />
++ <policy domain="coder" rights="none" pattern="HTTPS" />
++ <policy domain="coder" rights="none" pattern="MVG" />
++ <policy domain="coder" rights="none" pattern="MSL" />
+ </policymap>
Modified: head/graphics/ImageMagick7/Makefile
==============================================================================
--- head/graphics/ImageMagick7/Makefile Tue May 3 21:27:18 2016 (r414561)
+++ head/graphics/ImageMagick7/Makefile Tue May 3 21:52:32 2016 (r414562)
@@ -2,6 +2,7 @@
PORTNAME= ImageMagick
DISTVERSION= 7.0.1-0
+PORTREVISION= 1
CATEGORIES= graphics perl5
MASTER_SITES= http://www.imagemagick.org/download/ \
http://www.imagemagick.org/download/legacy/ \
Added: head/graphics/ImageMagick7/files/patch-config_delegates.xml.in
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/graphics/ImageMagick7/files/patch-config_delegates.xml.in Tue May 3 21:52:32 2016 (r414562)
@@ -0,0 +1,10 @@
+--- config/delegates.xml.in.orig 2016-05-03 23:33:12.300197000 +0200
++++ config/delegates.xml.in 2016-05-03 23:33:29.641438000 +0200
+@@ -90,7 +90,6 @@
+ <delegate decode="hpgl" command=""@HPGLDecodeDelegate@" -q -m eps -f `basename "%o"` "%i"; mv -f `basename "%o"` "%o""/>
+ <delegate decode="htm" command=""@HTMLDecodeDelegate@" -U -o "%o" "%i""/>
+ <delegate decode="html" command=""@HTMLDecodeDelegate@" -U -o "%o" "%i""/>
+- <delegate decode="https" command=""@WWWDecodeDelegate@" -s -k -L -o "%o" "https:%F""/>
+ <delegate decode="ilbm" command=""@ILBMDecodeDelegate@" "%i" > "%o""/>
+ <delegate decode="jxr" command="mv "%i" "%i.jxr"; "@JXRDecodeDelegate@" -i "%i.jxr" -o "%o.pnm"; mv "%i.jxr" "%i"; mv "%o.pnm" "%o""/>
+ <delegate decode="man" command=""@MANDelegate@" -man -Tps "%i" > "%o""/>
Added: head/graphics/ImageMagick7/files/patch-config_policy.xml
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/graphics/ImageMagick7/files/patch-config_policy.xml Tue May 3 21:52:32 2016 (r414562)
@@ -0,0 +1,12 @@
+--- config/policy.xml.orig 2016-05-03 23:18:45.652543000 +0200
++++ config/policy.xml 2016-05-03 23:19:23.818471000 +0200
+@@ -58,4 +58,9 @@
+ <!-- <policy domain="resource" name="time" value="3600"/> -->
+ <!-- <policy domain="system" name="precision" value="6"/> -->
+ <policy domain="cache" name="shared-secret" value="passphrase"/>
++ <policy domain="coder" rights="none" pattern="EPHEMERAL" />
++ <policy domain="coder" rights="none" pattern="URL" />
++ <policy domain="coder" rights="none" pattern="HTTPS" />
++ <policy domain="coder" rights="none" pattern="MVG" />
++ <policy domain="coder" rights="none" pattern="MSL" />
+ </policymap>
More information about the svn-ports-all
mailing list