[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Disabling ghostscript handled formats in imagemagick and graphicsmagick



On Mon, Oct 22, 2018 at 01:23:21PM +0200, Markus Koschany wrote:
> Hi,
> 
> Several security vulnerabilities were discovered in Ghostscript in
> recent weeks. Although all known issues were fixed, there is still a
> chance that there are more of them, yet undiscovered. The security
> researcher who found those issues recommends to disable Ghostscript
> handled formats by default in Imagemagick. [1] I think this should be
> extended to Graphicsmagick too.
> 
> Thorsten, you are currently working on Imagemagick. Could you apply this
> patch [2] from Ubuntu to our package as well?

Better wait until that change has been made in unstable first:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907336

Cheers,
        Moritz


Reply to: