Skip to content
Snippets Groups Projects
Commit e845d90b authored by Oliver Hader's avatar Oliver Hader Committed by Oliver Hader
Browse files

[SECURITY] Enclose file type scope when invoking ImageMagick 

In order to enclose and avoid type guessing done by ImageMagick based
on mime-type and internal file content checks, new value object class
ImageMagickFile has been introduced as guard for those invocations.

Resolves: #87588
Releases: master, 9.5, 8.7
Security-Commit: d4f18684b2b2078b51cc7e93abdb251ea846984a
Security-Bulletin: TYPO3-CORE-SA-2019-012
Change-Id: I9a2dd74e8548530d7bc83bd18af2f4f0a8212019
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/60705


Tested-by: default avatarOliver Hader <oliver.hader@typo3.org>
Reviewed-by: default avatarOliver Hader <oliver.hader@typo3.org>
parent f644cd72
Branches
Tags
No related merge requests found
Expand all Hide whitespace changes
Inline Side-by-side
Showing
with 17391 additions and 18 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment