Package: imagemagick-6-common Version: 8:6.9.11.60+dfsg-1.3 Severity: normal File: /etc/ImageMagick-6/policy.xml
Dear Maintainer, Line 77 of /etc/ImageMagick-6/policy.xml (for name="shared-secret") has a comment start marker (<!--) without a comment end marker (-->) causing the start marker on the next line to occur within a comment, which is not valid XML[^1]: > For compatibility, the string "--" (double-hyphen) MUST NOT occur within > comments. As demonstrated by `xmllint /etc/ImageMagick-6/policy.xml`: /etc/ImageMagick-6/policy.xml:77: parser error : Double hyphen within comment: <!-- <policy domain="cache" name="shared-secret" value <!-- <policy domain="system" name="max-memory-request" value="256MiB"/> --> ^ It does not cause any issues with the ImageMagick tools that I am aware of, but it complicates use/checking by other tools which parse the XML more strictly (e.g. XMLStarlet). The issue is caused by 0007-Improve-policy-in-order-to-be-safer.patch (d9e5818685) which removed the end marker on line 77. Thanks, Kevin [^1]: https://www.w3.org/TR/REC-xml/#sec-comments -- Package-specific info: ImageMagick program version --------------------------- animate: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org compare: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org convert: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org composite: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org conjure: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org display: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org identify: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org import: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org mogrify: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org montage: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org stream: ImageMagick 6.9.11-60 Q16 x86_64 2021-01-25 https://imagemagick.org -- System Information: Debian Release: 11.0 APT prefers testing-debug APT policy: (990, 'testing-debug'), (990, 'testing'), (500, 'unstable-debug'), (500, 'testing-security'), (500, 'stable-debug'), (500, 'unstable'), (500, 'oldstable'), (101, 'experimental'), (1, 'experimental-debug') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.14.0-rc1 (SMP w/4 CPU threads) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled -- no debconf information