Comment 8 for bug 1793485

Hajo Locke (hajo-locke) wrote :

Hello,

can last changelogentry assigned to one particular CVE Number?

* SECURITY UPDATE: code execution vulnerabilities in ghostscript as
    invoked by imagemagick
    - debian/patches/200-disable-ghostscript-formats.patch: disable
      ghostscript handled types by default in policy.xml

We have reports of users who cant convert pdf-files any more, because policy.xml is forbidding it.
Which risk will we take if we change policy.xml back to former content?

And i think there is a typo in changelog. filename is 300-disable-ghostscript-formats.patch