projects / ikiwiki / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 545a7bb) | patch
img: check magic number before giving common formats to ImageMagick
authorSimon McVittie <smcv@debian.org>
Thu, 5 May 2016 22:17:45 +0000 (23:17 +0100)
committerSimon McVittie <smcv@debian.org>
Thu, 5 May 2016 22:43:50 +0000 (23:43 +0100)
commit170cd41489ab25fc3b7a95dd31521dfe522b4f9e
treea6ce0d308d7304451ec646c3744e24aff7d8853dtree | snapshot
parent545a7bbbf07dd2375a96eae09f9abd6329a919e5commit | diff
img: check magic number before giving common formats to ImageMagick

This mitigates CVE-2016-3714 and similar vulnerabilities by
avoiding passing obviously-wrong input to ImageMagick decoders.
IkiWiki/Plugin/img.pm diff | blob | blame | history
t/img.t diff | blob | blame | history
Ikiwiki patches