public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

imagemagick: Disable insecure coders (ImageTragick)

Browse Source 
See:

  * https://imagetragick.com/
  * https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588
This commit is contained in:
Franz Pletz 2016-05-04 01:20:08 +02:00
parent 05eae0242d
commit 69c14985d0
2 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkgs/applications/graphics/ImageMagick/default.nix
View File

@ -24,6 +24,8 @@ stdenv.mkDerivation rec {
sha256 = "0q19jgn1iv7zqrw8ibxp4z57iihrc9kyb09k2wnspcacs6vrvinf"; sha256 = "0q19jgn1iv7zqrw8ibxp4z57iihrc9kyb09k2wnspcacs6vrvinf";
}; };
patches = [ ./imagetragick.patch ];
outputs = [ "out" "doc" ]; outputs = [ "out" "doc" ];
enableParallelBuilding = true; enableParallelBuilding = true;

15
pkgs/applications/graphics/ImageMagick/imagetragick.patch Normal file
View File

@ -0,0 +1,15 @@
diff --git a/config/policy.xml b/config/policy.xml
index ca3b022..b058c05 100644
--- a/config/policy.xml
+++ b/config/policy.xml
@@ -58,4 +58,10 @@
<!-- <policy domain="resource" name="time" value="3600"/> -->
<!-- <policy domain="system" name="precision" value="6"/> -->
<policy domain="cache" name="shared-secret" value="passphrase"/>
+
+ <policy domain="coder" rights="none" pattern="EPHEMERAL" />
+ <policy domain="coder" rights="none" pattern="URL" />
+ <policy domain="coder" rights="none" pattern="HTTPS" />
+ <policy domain="coder" rights="none" pattern="MVG" />
+ <policy domain="coder" rights="none" pattern="MSL" />
</policymap>