Merge pull request from GHSA-9928-3cp5-93fm

Browse source

* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged

...

This commit is contained in:

Claire 2023-07-06 15:05:05 +02:00 • committed by GitHub

parent c4f2609f7a

commit 0aa0b71f2c

No known key found for this signature in database

GPG key ID: 4AEE18F83AFDEB23

8 changed files with 80 additions and 7 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download patch file Download diff file Expand all files Collapse all files

BIN

spec/fixtures/files/boop.mp3 vendored Normal file

View file

Binary file not shown.