At least when reading PS2 and PS3 files via
`convert PS2:<input> <output>' and `convert PS3:<input> <output>'
gslib/ghostscript will be invoked and hence subject to VU#332928.
Pointed out by Bob Friesenhahn via oss-security@ ML (and follow up from
VU#332928 update).
Disable ghostscript coders in policy.xml as a workaround for
VU#332928 (<https://www.kb.cert.org/vuls/id/332928>).
Please note that apart commenting/removing lines added in policy.xml,
the ghostscript coders can be enabled per-user by copying policy.xml
to ~/.config/ImageMagick/policy.xml and adjusting it with the
following lines:
| [...]
| <policy domain="coder" rights="read|write" pattern="PS" />
| <policy domain="coder" rights="read|write" pattern="EPS" />
| <policy domain="coder" rights="read|write" pattern="PDF" />
| <policy domain="coder" rights="read|write" pattern="XPS" />
| [...]
Bump PKGREVISION
ImageMagick TM, is a package for display and interactive manipulation
of images for the X Window System. It is written in C and interfaces
to the X library, and therefore does not require any proprietary
toolkit in order to compile. Although the software is copyrighted, it
is available for free and can be redistributed without fee.
The ImageMagick image display program can display an image on any
workstation screen running an X server. It can read and write many of
the more popular image formats including JPEG, TIFF, PNM, GIF, and
Photo CD. In addition you can interactively resize, rotate, sharpen,
color reduce, or add special effects to an image and save your
completed work in the same or differing image format.
This package tracks 6 release branch for backward compatibility.
