Overview

File ImageMagick-configuration-SUSE.patch of Package ImageMagick.15344

Disable insecure loaders by default bsc#978061
sflees@suse.de

Index: ImageMagick-6.8.8-1/config/policy.xml
===================================================================
--- ImageMagick-6.8.8-1.orig/config/policy.xml	2018-08-30 08:39:11.734632442 +0200
+++ ImageMagick-6.8.8-1/config/policy.xml	2018-08-30 08:40:42.951073727 +0200
@@ -56,4 +56,23 @@
   <!-- <policy domain="resource" name="time" value="3600"/> -->
   <!-- <policy domain="system" name="precision" value="6"/> -->
   <policy domain="cache" name="shared-secret" value="passphrase"/>
+  <!-- Disable insecure coders by default -->
+  <!-- https://bugzilla.suse.com/show_bug.cgi?id=978061 -->
+  <policy domain="coder" rights="none" pattern="EPHEMERAL" />
+  <policy domain="coder" rights="none" pattern="URL" />
+  <policy domain="coder" rights="none" pattern="HTTPS" />
+  <policy domain="coder" rights="none" pattern="MVG" />
+  <policy domain="coder" rights="none" pattern="MSL" />
+  <policy domain="coder" rights="none" pattern="TEXT" />
+  <policy domain="coder" rights="none" pattern="SHOW" />
+  <policy domain="coder" rights="none" pattern="WIN" />
+  <policy domain="coder" rights="none" pattern="PLT" />
+  <policy domain="coder" rights="write" pattern="PS" />
+  <policy domain="coder" rights="write" pattern="PS2" />
+  <policy domain="coder" rights="write" pattern="PS3" />
+  <policy domain="coder" rights="write" pattern="EPS" />
+  <policy domain="coder" rights="write" pattern="XPS" />
+  <policy domain="coder" rights="write" pattern="PDF" />
+  <policy domain="coder" rights="write" pattern="PCL" />
+  <policy domain="path" rights="none" pattern="@*"/>
 </policymap>
openSUSE Build Service is sponsored by
Places