Hi, Adam Borowski writes:
> On Tue, Jul 18, 2017 at 10:07:35PM +0200, Adam Borowski wrote: >> Actually, imagemagick is one of worst offenders here. The version in Jessie >> is at deb8u9, and every security update tends to mention ~20 CVEs. > > ... aaaand, just hours later, here comes deb8u10: > > # Package : imagemagick > # CVE ID : CVE-2017-9439 CVE-2017-9440 CVE-2017-9500 CVE-2017-9501 > # CVE-2017-10928 CVE-2017-11141 CVE-2017-11170 > # CVE-2017-11360 CVE-2017-11188 > # Debian Bug : 863126 867367 867778 867721 864273 864274 867806 868264 > # 868184 867810 867808 867811 867812 867896 867798 867821 > # 867824 867825 867826 867893 867823 867894 867897 Totally untested, but you might try to replace imagemagick with graphicsmagick. It's at deb8u ;-) Hope this helps, -- Olaf Meeuwissen, LPIC-2 FSF Associate Member since 2004-01-27 GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13 F43E B8A4 A88A F84A 2DD9 Support Free Software https://my.fsf.org/donate Join the Free Software Foundation https://my.fsf.org/join _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
