As a workaround, you can type this command :
sudo sed -i 's###'
/etc/ImageMagick-6/policy.xml
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1796563
Title:
8:6.8.9.9-7ubuntu5.13 breaks convert with
Hello,
I am running Ubuntu 18.04.2 LTS (bionic) with ghostcript version 9.26.
Per the document https://www.kb.cert.org/vuls/id/332928/, the
vulnerability in question seems to have been fixed in version 9.24
itself.
Isn't it time to have the policy.xml changes adjusted and any other
changes done
For what it's worth, we ran into this issue today as well. It looks like
the related Ghostscript vulnerability is detailed here:
https://www.kb.cert.org/vuls/id/332928
While the release notes are not exactly *clear*, Ghostscript v9.25 seems
to make reference to fixing some vulnerabilities of this
img2pdf seem to do the job for the reverse operation nicely...
S.
Amir <1796...@bugs.launchpad.net> wrote:
> Here is an alternative to `convert document.pdf image.jpg`:
>
> pdftoppm -jpeg document.pdf image
>
> Note: pdftoppm is coming from poppler-utils
> Note: the generated output path is
Here is an alternative to `convert document.pdf image.jpg`:
pdftoppm -jpeg document.pdf image
Note: pdftoppm is coming from poppler-utils
Note: the generated output path is not 1:1 with convert, so adjust any scripts
using it
Can someone suggest an alternative to the reverse operation, `con
Sadi, if you're willing to take the risk, you can comment the
appropriate line in /etc/ImageMagick-6/policy.xml ..
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1796563
Title:
8:6.8.9.9-7ubuntu5.13
I guess this shows that I suffer from the same issue when trying to
convert image file(s) to pdf:
8:6.9.7.4+dfsg-16ubuntu6.4
convert-im6.q16: not authorized `filename.pdf' @
error/constitute.c/WriteImage/1037.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
** Tags added: regression-security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1796563
Title:
8:6.8.9.9-7ubuntu5.13 breaks convert with no explanation
To manage notifications about this bug go to
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: imagemagick (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1796563
Title:
Yeah, but it's not immediately obvious if you're not familiar with
imagemagick internals (I certainly didn't know what policy.xml was), and
it's part of 70 lines of changes.
Given this is flat out disabling a big chunk of functionality in
something frequently used as part of other programs / scrip
The package changelog mentions this:
* SECURITY UPDATE: code execution vulnerabilities in ghostscript as
invoked by imagemagick
- debian/patches/200-disable-ghostscript-formats.patch: disable
ghostscript handled types by default in policy.xml
https://bugs.launchpad.net/ubuntu/+source/imag
11 matches
Mail list logo
