
From: Thomas Deutschmann <whissi@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: media-gfx/imagemagick/files/, media-gfx/imagemagick/
Date: Fri, 24 Aug 2018 14:35:04
Message-Id: 1535121255.df7afbda6b12a68578833225e694cee011b20342.whissi@gentoo
1 commit: df7afbda6b12a68578833225e694cee011b20342
2 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3 AuthorDate: Fri Aug 24 14:33:55 2018 +0000
4 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5 CommitDate: Fri Aug 24 14:34:15 2018 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=df7afbda
7
8 media-gfx/imagemagick: extend hardening
9
10 - PS2 and PS3 coders are now disabled by default, too.
11
12 - Instead of patching, we now use sed, which should make it
13 easier to extend policy.xml in future.
14
15 Bug: https://bugs.gentoo.org/664236
16 Package-Manager: Portage-2.3.48, Repoman-2.3.10
17 RepoMan-Options: --force
18
19 media-gfx/imagemagick/files/policy-hardening.patch | 15 --------------
20 .../imagemagick/files/policy-hardening.snippet | 9 ++++++++
21 ...0-r1.ebuild => imagemagick-6.9.10.10-r2.ebuild} | 22 ++++++++++++++------
22 ...10-r1.ebuild => imagemagick-7.0.8.10-r2.ebuild} | 24 +++++++++++++++-------
23 media-gfx/imagemagick/imagemagick-9999.ebuild | 22 ++++++++++++++------
24 5 files changed, 58 insertions(+), 34 deletions(-)
25
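--- a/media-gfx/imagemagick/files/policy-hardening.patch
+++ /dev/null
@@ -1,15 +0,0 @@
---- a/config/policy.xml
-+++ b/config/policy.xml
-@@ -52,6 +52,12 @@
- <policy domain="coder" rights="read|write" pattern="{GIF,JPEG,PNG,WEBP}" />
- -->
- <policymap>
-+ <!-- https://www.kb.cert.org/vuls/id/332928 mitigation -->
-+ <policy domain="coder" rights="none" pattern="PS" />
-+ <policy domain="coder" rights="none" pattern="EPS" />
-+ <policy domain="coder" rights="none" pattern="PDF" />
-+ <policy domain="coder" rights="none" pattern="XPS" />
-+
- <!-- <policy domain="system" name="shred" value="2"/> -->
- <!-- <policy domain="system" name="precision" value="6"/> -->
- <!-- <policy domain="system" name="memory-map" value="anonymous"/> -->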
47
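--- /dev/null
+++ b/media-gfx/imagemagick/files/policy-hardening.snippet
@@ -0,0 +1,9 @@
+<policymap>
+ <!-- https://www.kb.cert.org/vuls/id/332928 mitigation / https://bugs.gentoo.org/664236 -->
+ <policy domain="coder" rights="none" pattern="PS" />
+ <policy domain="coder" rights="none" pattern="PS2" />
+ <policy domain="coder" rights="none" pattern="PS3" />
+ <policy domain="coder" rights="none" pattern="EPS" />
+ <policy domain="coder" rights="none" pattern="PDF" />
+ <policy domain="coder" rights="none" pattern="XPS" />
+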
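Review bot: Nothing in the snippet says that it is a fragment spliced into config/policy.xml by the ebuilds' src_prepare, where sed deletes the original `<policymap>` line and reads this file in its place, so the leading `<policymap>` is load-bearing and a closing `</policymap>` must not be added. A short XML comment under the opening tag would protect future editors, e.g. `<!-- Spliced into config/policy.xml by src_prepare: the <policymap> line above replaces the original opening tag and must stay first; do not add a closing tag. -->`. Since the sed address acts on every matching line, this also relies on upstream's policy.xml containing exactly one `<policymap>` line, which is worth stating in that comment.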
63
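--- a/media-gfx/imagemagick/imagemagick-6.9.10.10-r1.ebuild
+++ b/media-gfx/imagemagick/imagemagick-6.9.10.10-r2.ebuild
@@ -66,9 +66,19 @@ REQUIRED_USE="corefonts? ( truetype )
 
 S="${WORKDIR}/${MY_P}"
 
-PATCHES=( "${FILESDIR}"/policy-hardening.patch )
-
 src_prepare() {
+ default
+
+ # Apply hardening #664236
+ cp "${FILESDIR}"/policy-hardening.snippet "${S}" || die
+ sed -i -e '/^<policymap>$/ {
+ r policy-hardening.snippet
+ d
+ }' \
+ config/policy.xml || \
+ die "Failed to apply hardening of policy.xml"
+ einfo "policy.xml hardened"
+
 # Install default (unrestricted) policy in $HOME for test suite #664238
 local _im_local_config_home="${HOME}/.config/ImageMagick"
 mkdir -p "${_im_local_config_home}" || \
@@ -76,12 +86,10 @@ src_prepare() {
 cp "${FILESDIR}"/policy.test.xml "${_im_local_config_home}/policy.xml" || \
 die "Failed to install default blank policy.xml in '${_im_local_config_home}'"
 
- local mesa_cards ati_cards nvidia_cards render_cards
- default
-
 elibtoolize # for Darwin modules
 
 # For testsuite, see https://bugs.gentoo.org/show_bug.cgi?id=500580#c3
+ local mesa_cards ati_cards nvidia_cards render_cards
 shopt -s nullglob
 ati_cards=$(echo -n /dev/ati/card* | sed 's/ /:/g')
 if test -n "${ati_cards}"; then
@@ -203,7 +211,7 @@ pkg_postinst() {
 else
 local v
 for v in ${REPLACING_VERSIONS}; do
- if ! ver_test "${v}" -gt "6.9.10.10-r1"; then
+ if ! ver_test "${v}" -gt "6.9.10.10-r2"; then
 # This is an upgrade
 _show_policy_xml_notice=yes
 
@@ -218,6 +226,8 @@ pkg_postinst() {
 elog "which will prevent the usage of the following coders by default:"
 elog ""
 elog " - PS"
+ elog " - PS2"
+ elog " - PS3"
 elog " - EPS"
 elog " - PDF"
 elog " - XPS"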
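Review bot: The `|| die` after the `sed -i` invocation in src_prepare only catches an I/O error; if upstream's config/policy.xml stops containing a line matching `/^<policymap>$/` exactly (extra whitespace, an attribute, a renamed element), sed exits 0 without inserting anything, the policy is left unhardened, and `einfo "policy.xml hardened"` is still printed. A post-condition check turns that silent no-op into a build failure, e.g. `grep -q -- 'pattern="PS3"' config/policy.xml || die "policy hardening was not applied to config/policy.xml"` placed before the einfo. The same gap exists in the identical src_prepare hunks of imagemagick-7.0.8.10-r2.ebuild and imagemagick-9999.ebuild. As a smaller point, the snippet is copied into `${S}` and never removed; copying it to `${T}` (and reading it from there in the sed script) would keep the unpacked source tree clean, though nothing visible here shows the stray file being installed.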
125
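--- a/media-gfx/imagemagick/imagemagick-7.0.8.10-r1.ebuild
+++ b/media-gfx/imagemagick/imagemagick-7.0.8.10-r2.ebuild
@@ -5,8 +5,6 @@ EAPI="6"
 
 inherit eapi7-ver eutils flag-o-matic libtool multilib toolchain-funcs
 
-PATCHES=( "${FILESDIR}"/policy-hardening.patch )
-
 if [[ ${PV} == "9999" ]] ; then
 EGIT_REPO_URI="https://github.com/ImageMagick/ImageMagick.git"
 inherit git-r3
@@ -16,7 +14,7 @@ else
 SRC_URI="mirror://${PN}/${MY_P}.tar.xz"
 KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~ppc-aix ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~x64-solaris ~x86-solaris"
 
- PATCHES+=( "${FILESDIR}"/${P}-quantum-private-compile-fix.patch ) #664226
+ PATCHES=( "${FILESDIR}"/${P}-quantum-private-compile-fix.patch ) #664226
 fi
 
 DESCRIPTION="A collection of tools and libraries for many image formats"
@@ -77,6 +75,18 @@ REQUIRED_USE="corefonts? ( truetype )
 S="${WORKDIR}/${MY_P}"
 
 src_prepare() {
+ default
+
+ # Apply hardening #664236
+ cp "${FILESDIR}"/policy-hardening.snippet "${S}" || die
+ sed -i -e '/^<policymap>$/ {
+ r policy-hardening.snippet
+ d
+ }' \
+ config/policy.xml || \
+ die "Failed to apply hardening of policy.xml"
+ einfo "policy.xml hardened"
+
 # Install default (unrestricted) policy in $HOME for test suite #664238
 local _im_local_config_home="${HOME}/.config/ImageMagick"
 mkdir -p "${_im_local_config_home}" || \
@@ -84,12 +94,10 @@ src_prepare() {
 cp "${FILESDIR}"/policy.test.xml "${_im_local_config_home}/policy.xml" || \
 die "Failed to install default blank policy.xml in '${_im_local_config_home}'"
 
- local ati_cards mesa_cards nvidia_cards render_cards
- default
-
 elibtoolize # for Darwin modules
 
 # For testsuite, see https://bugs.gentoo.org/show_bug.cgi?id=500580#c3
+ local ati_cards mesa_cards nvidia_cards render_cards
 shopt -s nullglob
 ati_cards=$(echo -n /dev/ati/card* | sed 's/ /:/g')
 if test -n "${ati_cards}"; then
@@ -211,7 +219,7 @@ pkg_postinst() {
 else
 local v
 for v in ${REPLACING_VERSIONS}; do
- if ! ver_test "${v}" -gt "7.0.8.10-r1"; then
+ if ! ver_test "${v}" -gt "7.0.8.10-r2"; then
 # This is an upgrade
 _show_policy_xml_notice=yes
 
@@ -226,6 +234,8 @@ pkg_postinst() {
 elog "which will prevent the usage of the following coders by default:"
 elog ""
 elog " - PS"
+ elog " - PS2"
+ elog " - PS3"
 elog " - EPS"
 elog " - PDF"
 elog " - XPS"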
202
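--- a/media-gfx/imagemagick/imagemagick-9999.ebuild
+++ b/media-gfx/imagemagick/imagemagick-9999.ebuild
@@ -5,8 +5,6 @@ EAPI="6"
 
 inherit eapi7-ver eutils flag-o-matic libtool multilib toolchain-funcs
 
-PATCHES=( "${FILESDIR}"/policy-hardening.patch )
-
 if [[ ${PV} == "9999" ]] ; then
 EGIT_REPO_URI="https://github.com/ImageMagick/ImageMagick.git"
 inherit git-r3
@@ -75,6 +73,18 @@ REQUIRED_USE="corefonts? ( truetype )
 S="${WORKDIR}/${MY_P}"
 
 src_prepare() {
+ default
+
+ # Apply hardening #664236
+ cp "${FILESDIR}"/policy-hardening.snippet "${S}" || die
+ sed -i -e '/^<policymap>$/ {
+ r policy-hardening.snippet
+ d
+ }' \
+ config/policy.xml || \
+ die "Failed to apply hardening of policy.xml"
+ einfo "policy.xml hardened"
+
 # Install default (unrestricted) policy in $HOME for test suite #664238
 local _im_local_config_home="${HOME}/.config/ImageMagick"
 mkdir -p "${_im_local_config_home}" || \
@@ -82,12 +92,10 @@ src_prepare() {
 cp "${FILESDIR}"/policy.test.xml "${_im_local_config_home}/policy.xml" || \
 die "Failed to install default blank policy.xml in '${_im_local_config_home}'"
 
- local ati_cards mesa_cards nvidia_cards render_cards
- default
-
 elibtoolize # for Darwin modules
 
 # For testsuite, see https://bugs.gentoo.org/show_bug.cgi?id=500580#c3
+ local ati_cards mesa_cards nvidia_cards render_cards
 shopt -s nullglob
 ati_cards=$(echo -n /dev/ati/card* | sed 's/ /:/g')
 if test -n "${ati_cards}"; then
@@ -209,7 +217,7 @@ pkg_postinst() {
 else
 local v
 for v in ${REPLACING_VERSIONS}; do
- if ! ver_test "${v}" -gt "7.0.8.10-r1"; then
+ if ! ver_test "${v}" -gt "7.0.8.10-r2"; then
 # This is an upgrade
 _show_policy_xml_notice=yes
 
@@ -224,6 +232,8 @@ pkg_postinst() {
 elog "which will prevent the usage of the following coders by default:"
 elog ""
 elog " - PS"
+ elog " - PS2"
+ elog " - PS3"
 elog " - EPS"
 elog " - PDF"
 elog " - XPS"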