© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
The decision to modify the default ImageMagick policy to prevent calling Ghostscript was not made on behalf of any single flaw. There are 50 Ghostscript CVEs allocated after this bug report was opened.
PostScript was not designed to handle malicious inputs. Ghostscript was not designed to execute malicious inputs.
We believe we made the right choice for our users in setting the default ImageMagick policy to prevent calling into the Ghostscript coders and do not intend to revisit this decision soon.
A local site that has decided they would rather have the feature can re-enable it themselves if they choose to do so. I strongly recommend using AppArmor to confine all parts of the document processing pipeline -- there's been hundreds of CVEs between ImageMagick (603 in my database) and Ghostscript (165 in my database).
This email from Tavis Ormandy provides excellent context:
https:/
Thanks