control: tags -1 + confirmed

Hi,

I found it

In order to reproduce, run:
convert rose: rose.xpm
display rose.xpm

It should show strange stuff.

The problematic commit is http://trac.imagemagick.org/changeset/17297
and it is needed from a security point of view :S

Will see with upstream

On Sat, Dec 27, 2014 at 8:01 PM, Bastien ROUCARIES
<roucaries.bast...@gmail.com> wrote:
> On Sat, Dec 27, 2014 at 3:11 PM, Adam Sjøgren <a...@koldfront.dk> wrote:
>> Bastien writes:
>>
>>> On Fri, Dec 26, 2014 at 10:24 PM, Adam Sjøgren <a...@koldfront.dk> wrote:
>>>> Bastien writes:
>>
>>>>>> When displaying an image in GNU Emacs 24 (package emacs24), after
>>>>>> upgrading from ImageMagick 8:6.8.9.9-3 to 8:6.8.9.9-4, images with
>>>>>> :type 'imagemagick are displayed as single colour rectangles.
>>
>>>>> Thanks, could you get the exact command running?
>>
>>>> I don't understand your question.
>>
>>> I suppose emacs executes ImageMagick. Thus what is the command (shell)
>>> and parameters that emacs uses?
>>
>> I don't think Emacs executes any ImageMagick commands - Emacs is linked
>> to the ImageMagick libraries, which is why I reported the bug against
>> libmagickcore-6, and not on the package with the binaries.
>>
>> I.e.:
>>
>>   $ ldd /usr/bin/emacs24 | grep -i magick
>>           libMagickWand-6.Q16.so.2 => /usr/lib/x86_64-linux-gnu/libMagickWand-6.Q16.so.2 (0x00007f7d415b8000)
>>           libMagickCore-6.Q16.so.2 => /usr/lib/x86_64-linux-gnu/libMagickCore-6.Q16.so.2 (0x00007f7d410f8000)
>>   $
>>
>> And this is also why the recipe for reproducing the problem I wrote
>> includes running Emacs.
>
>
> It seems it is only xpm files. Could you try with another format of input
> image? I have applied some patch to the xpm coder in order to solve a
> security problem. Will try to reproduce.
>
> Staying in -3 is not a solution due to the security problem.
>
> Bastien
>
>>
>> I hope this clears it up.
>>
>>
>>   Best regards,
>>
>>     Adam
>>
>> --
>>  "May the force be...                                         Adam Sjøgren
>>   ... equal to mass · acceleration"                      a...@koldfront.dk

