Created
August 30, 2018 19:27
-
-
Save raresteak/fd52e51a4b9284682c4d44590651bb77 to your computer and use it in GitHub Desktop.
Patch recent Ghostscript ImageMagick bypass vulnerabilities in CERT 332928
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Fix Ghostscript bypass vulnerabilities with ImageMagick CERT 332928 | |
| # Disable PS, EPS, PDF, and XPS coders in ImageMagick policy.xml | |
| # https://www.kb.cert.org/vuls/id/332928 | |
| cd /etc/ImageMagick?? || exit | |
| cp -v policy.xml policy.xml.tmp | |
| cp -v policy.xml policy.xml.orig | |
| sed -i 's/<\/policymap>//' policy.xml.tmp | |
| cat <<EOF >> policy.xml.tmp | |
| <policy domain="coder" rights="none" pattern="PS" /> | |
| <policy domain="coder" rights="none" pattern="PS2" /> | |
| <policy domain="coder" rights="none" pattern="PS3" /> | |
| <policy domain="coder" rights="none" pattern="EPS" /> | |
| <policy domain="coder" rights="none" pattern="PDF" /> | |
| <policy domain="coder" rights="none" pattern="XPS" /> | |
| </policymap> | |
| EOF | |
| cp -v policy.xml.tmp policy.xml | |
| cat policy.xml |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment