Hello Seth, thanks for your answer. My expectations was that flaws are fixed in code and it's not necessary to block filetypes. Unfortunately in hosting/webapplications/shops ImageMagick+Ghostscript are widely used in Standardsoftware. Minutes after Updating some Servers we had reports about failing conversions. We use apparmor-profiles to protect our internal structure. User itself is only able to read some needed paths and write to his own home. So this risk should be ok for us unless there is an exploit to gain root privileges. If i understand Tavis Ormandy's statement the right way, more flaws are highly probable.
Thanks, Hajo -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1793485 Title: segfault in png to gif conversion To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1793485/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
