-diff -ruN ImageMagick-6.9.4-8.orig/config/policy.xml ImageMagick-6.9.4-8/config/policy.xml
---- ImageMagick-6.9.4-8.orig/config/policy.xml 2016-06-07 15:28:31.000000000 +0200
-+++ ImageMagick-6.9.4-8/config/policy.xml 2016-06-07 23:37:43.850853095 +0200
-@@ -61,9 +61,19 @@
+--- ImageMagick-7.0.8-12/config/policy.xml~ 2018-09-23 15:06:47.000000000 +0300
++++ ImageMagick-7.0.8-12/config/policy.xml 2018-09-27 23:34:04.357038809 +0300
+@@ -68,11 +68,22 @@
+ <!-- <policy domain="resource" name="thread" value="4"/> -->
<!-- <policy domain="resource" name="throttle" value="0"/> -->
<!-- <policy domain="resource" name="time" value="3600"/> -->
- <!-- <policy domain="system" name="precision" value="6"/> -->
- <!-- <policy domain="coder" rights="none" pattern="MVG" /> -->
+ <!-- <policy domain="module" rights="none" pattern="{PS,PDF,XPS}" /> -->
- <!-- <policy domain="delegate" rights="none" pattern="HTTPS" /> -->
-- <!-- <policy domain="path" rights="none" pattern="|*"/> -->
-- <policy domain="path" rights="none" pattern="@*"/> <!-- indirect reads not permitted -->
+- <!-- <policy domain="path" rights="none" pattern="@*" /> -->
+ <!-- <policy domain="cache" name="memory-map" value="anonymous"/> -->
+ <!-- <policy domain="cache" name="synchronize" value="True"/> -->
+ <!-- <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/> -->
+ <policy domain="coder" rights="none" pattern="EPHEMERAL" />
+ <policy domain="coder" rights="none" pattern="URL" />
+ <policy domain="coder" rights="none" pattern="HTTPS" />
-+ <policy domain="delegate" rights="none" pattern="HTTPS" />
+ <policy domain="coder" rights="none" pattern="HTTP" />
+ <policy domain="coder" rights="none" pattern="FTP" />
+ <policy domain="coder" rights="none" pattern="MVG" />
+ <policy domain="coder" rights="none" pattern="SHOW" />
+ <policy domain="coder" rights="none" pattern="WIN" />
+ <policy domain="coder" rights="none" pattern="PLT" />
++ <policy domain="delegate" rights="none" pattern="HTTPS" />
+ <policy domain="path" rights="none" pattern="|*"/>
+ <policy domain="path" rights="none" pattern="@*"/> <!-- indirect reads not permitted -->
- <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/>
</policymap>