re-enable GhostScript in ImageMagick
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
imagemagick (Ubuntu) |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
This security updated https:/
<!-- disable ghostscript format types -->
<policy domain="coder" rights="none" pattern="PS" />
<policy domain="coder" rights="none" pattern="EPI" />
<policy domain="coder" rights="none" pattern="PDF" />
<policy domain="coder" rights="none" pattern="XPS" />
This prevents from working with PDF, e.g. `convert file.pdf file.png`. It is a very common use case and is a suggested way to convert PDF to image on many websites, including ask.ubuntu.com
I had to remove/comment those lines from /etc/ImageMagic
$ convert test1.pdf test1.png
convert-im6.q16: not authorized `test1.pdf' @ error/constitut
convert-im6.q16: no images defined `test1.png' @ error/convert.
Can you please reenable GhostScript?
I don't think that it is so insecure that so common use cases must be disabled, people, who do not read usn.ubuntu.com frequently, will not understand the error.
Also, those security update disabled GhostScript on the fly; what if I used it on servers or for daily desktop tasks?
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: imagemagick 8:6.9.7.
ProcVersionSign
Uname: Linux 4.15.0-43-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.5
Architecture: amd64
CurrentDesktop: XFCE
Date: Fri Jan 4 15:43:09 2019
InstallationDate: Installed on 2018-12-21 (13 days ago)
InstallationMedia: Xubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 (20180725)
SourcePackage: imagemagick
UpgradeStatus: No upgrade log present (probably fresh install)
information type: | Public → Public Security |
Changed in imagemagick (Ubuntu): | |
status: | Confirmed → Won't Fix |
Status changed to 'Confirmed' because the bug affects multiple users.