From d46f171c65fda2a031c58b2ac6292d870351e481 Mon Sep 17 00:00:00 2001 From: Koop Mast Date: Tue, 3 May 2016 21:52:32 +0000 Subject: Disable EPHEMERAL, HTTPS, MVG and MSL coders until a a new release can be made what fixes the CVE issues with these coders. Obtained from: ImageMagick support forum Security: CVE-2016-3714 --- graphics/ImageMagick7/Makefile | 1 + graphics/ImageMagick7/files/patch-config_delegates.xml.in | 10 ++++++++++ graphics/ImageMagick7/files/patch-config_policy.xml | 12 ++++++++++++ 3 files changed, 23 insertions(+) create mode 100644 graphics/ImageMagick7/files/patch-config_delegates.xml.in create mode 100644 graphics/ImageMagick7/files/patch-config_policy.xml (limited to 'graphics/ImageMagick7') diff --git a/graphics/ImageMagick7/Makefile b/graphics/ImageMagick7/Makefile index c8aca4972fa4..649ef90f416e 100644 --- a/graphics/ImageMagick7/Makefile +++ b/graphics/ImageMagick7/Makefile @@ -2,6 +2,7 @@ PORTNAME= ImageMagick DISTVERSION= 7.0.1-0 +PORTREVISION= 1 CATEGORIES= graphics perl5 MASTER_SITES= http://www.imagemagick.org/download/ \ http://www.imagemagick.org/download/legacy/ \ diff --git a/graphics/ImageMagick7/files/patch-config_delegates.xml.in b/graphics/ImageMagick7/files/patch-config_delegates.xml.in new file mode 100644 index 000000000000..c269fb5771f6 --- /dev/null +++ b/graphics/ImageMagick7/files/patch-config_delegates.xml.in @@ -0,0 +1,10 @@ +--- config/delegates.xml.in.orig 2016-05-03 23:33:12.300197000 +0200 ++++ config/delegates.xml.in 2016-05-03 23:33:29.641438000 +0200 +@@ -90,7 +90,6 @@ + + + +- + + + diff --git a/graphics/ImageMagick7/files/patch-config_policy.xml b/graphics/ImageMagick7/files/patch-config_policy.xml new file mode 100644 index 000000000000..171053813054 --- /dev/null +++ b/graphics/ImageMagick7/files/patch-config_policy.xml @@ -0,0 +1,12 @@ +--- config/policy.xml.orig 2016-05-03 23:18:45.652543000 +0200 ++++ config/policy.xml 2016-05-03 23:19:23.818471000 +0200 +@@ -58,4 +58,9 @@ + + + ++ ++ ++ ++ ++ + -- cgit v1.2.3