Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
  • Sign in
  • typo3 typo3
  • Project information
    • Project information
    • Activity
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Insights
    • Issue
    • Repository
  • Activity
  • Graph
  • Jobs
  • Commits
Collapse sidebar
  • typo3
  • typo3typo3
  • Repository
Switch branch/tag
  • typo3
  • typo3
  • sysext
  • core
  • Classes
  • Imaging
  • GraphicalFunctions.php
Find file BlameHistoryPermalink
  • Oliver Hader's avatar
    [SECURITY] Enclose file type scope when invoking ImageMagick · e845d90b
    Oliver Hader authored May 07, 2019 and Oliver Hader's avatar Oliver Hader committed May 07, 2019
    In order to enclose and avoid type guessing done by ImageMagick based
    on mime-type and internal file content checks, new value object class
    ImageMagickFile has been introduced as guard for those invocations.
    
    Resolves: #87588
    Releases: master, 9.5, 8.7
    Security-Commit: d4f18684b2b2078b51cc7e93abdb251ea846984a
    Security-Bulletin: TYPO3-CORE-SA-2019-012
    Change-Id: I9a2dd74e8548530d7bc83bd18af2f4f0a8212019
    Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60705
    
    Tested-by: Oliver Hader's avatarOliver Hader <oliver.hader@typo3.org>
    Reviewed-by: Oliver Hader's avatarOliver Hader <oliver.hader@typo3.org>
    e845d90b