Package: lyx Version: 2.3.2-1 Severity: important Dear package maintainer(s),
we (LyX developers) are getting repeated reports of LyX's broken handling of pdf/postscript graphics rendering (LaTeX export works fine). This is because of debian stringent policy in /etc/ImageMagick-6/policy.xml disabling ghostscript handling. This was likely introduced due to ghostcript vulnerabilities couple years back, which are fixed now, but the fear of new potential vulnerabilities probably caused the ongoing ban of ghostcript. While I understand the possible security implications on servers, the current policy renders LyX unusable for anyone on desktop, who wishes to use eps/pdf vector graphics, which is typical graphics input format in LaTeX world. On top of this, if user is not root as well, he can't even override these policies. This puts us in a weird position, that we can't help some users even when we detect why their documents do not compile anymore. Would you be willing to make some compromise on systems where users install LyX? I can imagine different ways, e.g.: - allow eps/pdf coders when LyX is installed - ask user when installing LyX whether he wants to to allow such coders - or at least issue warning that unless admin tweaks policy.xml LyX won't function properly. Or any other approach which would help to solve this issue. I see that the imagemagick policy patch in question is in buster but not in bullseye. Not sure whether it means debian wants to keep future imagemagick policies in their vanilla form or it was moved to debconf. In any case I would like raise our voice about this problem explicitely. While this bug is sort of generalized version of #971630 (we also want eps format to work) and might not be high priority from imagemagick POV (could be considered a corner case), I file this under LyX as the consequences are way more serious for its functionality. Thanks, Pavel -- System Information: Debian Release: 10.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-12-amd64 (SMP w/2 CPU cores) Kernel taint flags: TAINT_WARN Locale: LANG=en_US.UTF-8, LC_CTYPE=cs_CZ (charmap=ISO-8859-2), LANGUAGE=en_US.UTF-8 (charmap=ISO-8859-2) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages lyx depends on: ii libc6 2.28-10 ii libenchant1c2a 1.6.0-11.1+b1 ii libgcc1 1:8.3.0-6 ii libmagic1 1:5.35-4+deb10u1 ii libmythes-1.2-0 2:1.2.4-3 ii libqt5core5a 5.11.3+dfsg1-1+deb10u4 ii libqt5gui5 5.11.3+dfsg1-1+deb10u4 ii libqt5svg5 5.11.3-2 ii libqt5widgets5 5.11.3+dfsg1-1+deb10u4 ii libstdc++6 8.3.0-6 ii lyx-common 2.3.2-1 ii xdg-utils 1.1.3-1+deb10u1 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages lyx recommends: ii dvipng 1.15-1.1 ii evince [pdf-viewer] 3.30.2-3+deb10u1 ii fonts-lyx 2.3.2-1 ii ghostscript 9.27~dfsg-2+deb10u4 ii gv [pdf-viewer] 1:3.7.4-2 ii imagemagick 8:6.9.10.23+dfsg-2.1+deb10u1 ii imagemagick-6.q16 [imagemagick] 8:6.9.10.23+dfsg-2.1+deb10u1 ii poppler-utils 0.71.0-5 ii preview-latex-style 11.91-2 ii psutils 1.17.dfsg-4 ii texlive-fonts-recommended 2018.20190227-2 ii texlive-generic-extra 2018.20190227-2 ii texlive-generic-recommended 2018.20190227-2 ii texlive-latex-extra 2018.20190227-2 ii texlive-latex-recommended 2018.20190227-2 ii texlive-science 2018.20190227-2 ii xpdf [pdf-viewer] 3.04-13 Versions of packages lyx suggests: pn chktex <none> pn gnuhtml2latex <none> pn groff <none> ii inkscape 0.92.4-3 pn latex2rtf <none> ii librsvg2-bin 2.44.10-2.1 pn libtiff-tools <none> pn linuxdoc-tools <none> pn noweb <none> ii rcs 5.9.4-5 pn sgmltools-lite <none> ii texlive-plain-generic [tex4ht] 2018.20190227-2 pn texlive-xetex <none> pn writer2latex <none> pn wv <none> -- no debconf information
