inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

MNT-16256: Merged 5.1.N (5.1.2) to 5.1.1 (5.1.1)

Browse Source 
126144 jphuynh: MNT-16255: Merged 5.0.N (5.0.4) to 5.1.N (5.1.2)
      126142 jphuynh: MNT-16254: Merged V4.2-BUG-FIX (4.2.7) to 5.0.N (5.0.4)
         126140 jphuynh: MNT-16253: Disable the vulnerable ImageMagick coders in policy.xml.
            - This commit will be merged to all HF branches so that it will be included in all future HFs.


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/PATCHES/5.1.1/root@126181 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Alan Davis
2016-05-05 15:43:19 +00:00
parent e666572a1c
commit cb460acb55
1 changed files with 29 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
src/main/resources/bitrock/imagemagick.xml
View File

@@ -283,6 +283,34 @@ export GS_LIB
</actionList> </actionList>
</folder> </folder>
</folderList> </folderList>
<postInstallationActionList/> <postInstallationActionList>
<!-- ImageMagick: Remote execution vulnerability (CVE-20163714) -->
<if>
<conditionRuleList>
<platformTest type="unix"/>
</conditionRuleList>
<actionList>
<setInstallerVariable name="imagemagick_policy_path" value="${imagemagick_root_directory}/lib/ImageMagick-${imagemagick_version}/config/policy.xml"/>
</actionList>
<elseActionList>
<setInstallerVariable name="imagemagick_policy_path" value="${imagemagick_root_directory}/policy.xml"/>
</elseActionList>
</if>
<substitute>
<files>${imagemagick_policy_path}</files>
<substitutionList>
<substitution>
<pattern><![CDATA[<policymap>]]></pattern>
<value><![CDATA[<policymap>
<policy domain="coder" rights="none" pattern="EPHEMERAL" />
<policy domain="coder" rights="none" pattern="URL" />
<policy domain="coder" rights="none" pattern="HTTPS" />
<policy domain="coder" rights="none" pattern="MVG" />
<policy domain="coder" rights="none" pattern="MSL" />
]]></value>
</substitution>
</substitutionList>
</substitute>
</postInstallationActionList>
</component> </component>