Although the security vulnerability in GhostScript that led to this
restriction on converting to and from PostScript and PDF has been
addressed in version 9.24, this restriction remains in place in at least
Ubuntu and Gentoo, and an attempt to remove it in Gentoo has been
stopped, apparently out of an abundance of caution:
https://bugs.gentoo.org/716674.

Perhaps the Ubuntu Security Team could investigate and weigh in? It
looks like a problem for them.

The vulnerability concerned the execution of code embedded in PostScript
and PDF files when they are read in, for instance after they are
uploaded to a web server configured to process them with GhostScript
(directly or indirectly, as in the use case where they are converted to
image files through ImageMagick).

If it is still unsafe to lift this restriction, perhaps writing to PostScript
and PDF could be allowed (using rights="write" in
/etc/ImageMagick-6/policy.xml), as the vulnerability only concerned
reading, if I understand correctly.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1810517

Title:
  re-enable GhostScript in ImageMagick

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1810517/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
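
An added example, not part of the original bug comment and not Ubuntu or ImageMagick code: a small audit of a policy.xml that reports, per coder, whether reading is blocked while writing is allowed, which is the split the comment proposes. The policy text is constructed, the coder list PS/EPS/PDF is an assumed set, and only exact-name patterns are handled (no glob matching).

```python
import xml.etree.ElementTree as ET

# Assumed set of coder names for the PostScript/PDF formats discussed above.
GS_CODERS = ("PS", "EPS", "PDF")

# Constructed sample policy, not copied from any distribution's file.
SAMPLE_POLICY = """<policymap>
  <policy domain="resource" name="memory" value="256MiB"/>
  <policy domain="coder" rights="none" pattern="PS"/>
  <policy domain="coder" rights="read|write" pattern="EPS"/>
  <policy domain="coder" rights="write" pattern="PDF"/>
</policymap>"""

def coder_rights(policy_xml):
    """Map each listed coder that has an exact-name entry to its set of rights.
    Simplification of this example: a later entry for the same pattern
    replaces an earlier one, and glob patterns are ignored."""
    rights = {}
    for p in ET.fromstring(policy_xml).iter("policy"):
        pattern = (p.get("pattern") or "").upper()
        if p.get("domain") != "coder" or pattern not in GS_CODERS:
            continue
        tokens = {t.strip().lower() for t in (p.get("rights") or "").split("|")}
        rights[pattern] = tokens - {"none", ""}
    return rights

def audit(policy_xml):
    """Return (coder, verdict) pairs; 'read' is the right the report worries about."""
    found = coder_rights(policy_xml)
    report = []
    for coder in GS_CODERS:
        if coder not in found:
            verdict = "no explicit entry"
        elif "read" in found[coder]:
            verdict = "read allowed"
        elif "write" in found[coder]:
            verdict = "write-only"
        else:
            verdict = "blocked"
        report.append((coder, verdict))
    return report

if __name__ == "__main__":
    for coder, verdict in audit(SAMPLE_POLICY):
        print(f"{coder:4} {verdict}")
```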
