[Bug 1796563] Re: 8:6.8.9.9-7ubuntu5.13 breaks convert with no explanation

Shashank VRSN Sabniveesu shashank at linux.com
Mon Feb 11 13:55:37 UTC 2019 

Hello,

I am running Ubuntu 18.04.2 LTS (bionic) with ghostcript version 9.26.

Per the document https://www.kb.cert.org/vuls/id/332928/, the
vulnerability in question seems to have been fixed in version 9.24
itself.

Isn't it time to have the policy.xml changes adjusted and any other
changes done as required so the 'convert (to PDF)' starts working as
always?

I'm interested in doing the work and any related tests if availability
is the only concern here. Would someone kindly guide me in that case?

Thanks,
Shashank

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to imagemagick in Ubuntu.
https://bugs.launchpad.net/bugs/1796563

Title:
  8:6.8.9.9-7ubuntu5.13 breaks convert with no explanation

Status in imagemagick package in Ubuntu:
  Confirmed

Bug description:
  8:6.8.9.9-7ubuntu5.13 breaks the convert command as used by my home-
  brew document management system:

  $ convert -density 200 -quality 40 null: 10-07-dvla.pdf 10-07-dvla.jpg
  convert: not authorized `10-07-dvla.pdf' @ error/constitute.c/ReadImage/412.

  I appreciate that this is likely a security fix for something, but I
  can find no useful information in the changelog.Debian or NEWS files
  on what has changed, and what I should do to restore previous
  functionality.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: imagemagick 8:6.8.9.9-7ubuntu5.13
  ProcVersionSignature: Ubuntu 4.15.0-33.36-generic 4.15.18
  Uname: Linux 4.15.0-33-generic x86_64
  NonfreeKernelModules: qnx4 hfsplus hfs minix ntfs jfs i915 snd_hda_codec_hdmi intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp snd_hda_codec_realtek snd_hda_codec_generic dcdbas snd_hda_intel snd_hda_codec snd_hda_core intel_cstate dell_wmi intel_rapl_perf dell_smbios_wmi dell_smbios wmi_bmof sparse_keymap dell_wmi_descriptor cp210x usbserial mei_me mei shpchp intel_pch_thermal mac_hid vhci_hcd usbip_core r8169 wmi
  ApportVersion: 2.20.1-0ubuntu2.18
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Sun Oct  7 14:35:08 2018
  InstallationDate: Installed on 2017-01-08 (637 days ago)
  InstallationMedia: Xubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1)
  SourcePackage: imagemagick
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1796563/+subscriptions

More information about the foundations-bugs mailing list