diff options
| author | V3n3RiX <venerix@koprulu.sector> | 2023-08-31 10:10:44 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@koprulu.sector> | 2023-08-31 10:10:44 +0100 |
| commit | 0fde6d7108b1ee9fc6ad186eff4978faa255db20 (patch) | |
| tree | 54c45a4fb87434f176ae2cc91c764acdcc1122e7 /media-gfx/imagemagick/imagemagick-6.9.12.89-r1.ebuild | |
| parent | 025c71a90f259ca9319b4caa92495e43acf489b0 (diff) | |
gentoo auto-resync : 31:08:2023 - 10:10:44
Diffstat (limited to 'media-gfx/imagemagick/imagemagick-6.9.12.89-r1.ebuild')
| -rw-r--r-- | media-gfx/imagemagick/imagemagick-6.9.12.89-r1.ebuild | 44 |
1 files changed, 43 insertions, 1 deletions
diff --git a/media-gfx/imagemagick/imagemagick-6.9.12.89-r1.ebuild b/media-gfx/imagemagick/imagemagick-6.9.12.89-r1.ebuild index 564d60496adb..c362e932a2e6 100644 --- a/media-gfx/imagemagick/imagemagick-6.9.12.89-r1.ebuild +++ b/media-gfx/imagemagick/imagemagick-6.9.12.89-r1.ebuild @@ -14,7 +14,7 @@ else MY_PV="$(ver_rs 3 '-')" MY_P="ImageMagick-${MY_PV}" SRC_URI="mirror://imagemagick/${MY_P}.tar.xz" - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris" + KEYWORDS="~alpha ~amd64 arm arm64 ~hppa ~ia64 ~mips ppc ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x64-solaris" fi S="${WORKDIR}/${MY_P}" @@ -92,6 +92,16 @@ pkg_setup() { src_prepare() { default + # Apply hardening, bug #664236 + cp "${FILESDIR}"/policy-hardening.snippet "${S}" || die + sed -i -e '/^<policymap>$/ { + r policy-hardening.snippet + d + }' \ + config/policy.xml || \ + die "Failed to apply hardening of policy.xml" + einfo "policy.xml hardened" + # for Darwin modules elibtoolize @@ -227,3 +237,35 @@ src_install() { insinto /usr/share/${PN} doins config/*icm } + +pkg_postinst() { + local _show_policy_xml_notice= + + if [[ -z "${REPLACING_VERSIONS}" ]]; then + # This is a new installation + _show_policy_xml_notice=yes + else + local v + for v in ${REPLACING_VERSIONS}; do + if ! ver_test "${v}" -gt "6.9.10.10-r2"; then + # This is an upgrade + _show_policy_xml_notice=yes + + # Show this elog only once + break + fi + done + fi + + if [[ -n "${_show_policy_xml_notice}" ]]; then + elog "For security reasons, a policy.xml file was installed in /etc/ImageMagick-6" + elog "which will prevent the usage of the following coders by default:" + elog "" + elog " - PS" + elog " - PS2" + elog " - PS3" + elog " - EPS" + elog " - PDF" + elog " - XPS" + fi +} |