Re: Disabling ghostscript handled formats in imagemagick and graphicsmagick
On Mon, Oct 22, 2018 at 01:23:21PM +0200, Markus Koschany wrote:
> Hi,
>
> Several security vulnerabilities were discovered in Ghostscript in
> recent weeks. Although all known issues were fixed, there is still a
> chance that there are more of them, yet undiscovered. The security
> researcher who found those issues recommends to disable Ghostscript
> handled formats by default in Imagemagick. [1] I think this should be
> extended to Graphicsmagick too.
>
> Thorsten, you are currently working on Imagemagick. Could you apply this
> patch [2] from Ubuntu to our package as well?
Better wait until that change has been made in unstable first:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907336
Cheers,
Moritz
Reply to: