Hello Hajo,
Tavis Ormandy has recently discovered enough flaws in ghostscript that
the general consensus in the security community is that it is not safe
to allow ghostscript to process untrusted inputs. See for example:
https://www.openwall.com/lists/oss-security/2018/10/09/6
> I think we should encourage switching to other document
> formats that we have a better handle on securing. If you
> do need untrusted ps, I think treating it the same as a
> shell script file you downloaded from the internet.
ImageMagick is a well-known and widely-available attack vector.
Whoever would wish to use ImageMagick on untrusted inputs should prepare
an AppArmor profile (or SELinux/SMACK/TOMOYO policy) to reflect their
expected usage to restrict how much damage can be done, and modify the
policy.xml file to explicitly allow using ghostscript through
ImageMagick: https://imagemagick.org/script/security-policy.php
We debated if this was a change we wanted to make because we knew that
it would inconvenience some of our users. However, we feel that someone
who needs these tools should know the full risks of these tools and thus
be able to mitigate the risks as appropriate in their own environment.
Thanks
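An added example, not part of the bug report or of the ImageMagick project: a small audit that lists which ghostscript-backed coders (PS, PS2, PS3, EPS, PDF, XPS) a given policy.xml still leaves enabled, so an administrator who relaxes the shipped policy can see exactly what they re-opened. It assumes the Debian/Ubuntu layout of one `<policy ... />` element per line; the two sample policies are constructed inline.

```shell
#!/bin/sh
# Added example, not from the bug report: audit an ImageMagick policy.xml
# for the coders that hand input to ghostscript and list any that are
# not disabled with rights="none".
GS_CODERS="PS PS2 PS3 EPS PDF XPS"

# Print, one per line, the ghostscript-backed coders that $1 does NOT block.
# Assumes one <policy .../> element per line and ignores commented-out
# lines (those starting with "<!--").
# Usage: unblocked_gs_coders /etc/ImageMagick-6/policy.xml
unblocked_gs_coders() {
  policy="$1"
  for coder in $GS_CODERS; do
    if ! grep -E '^[[:space:]]*<policy[[:space:]]' "$policy" \
        | grep -F "pattern=\"$coder\"" \
        | grep -Fq 'rights="none"'; then
      printf '%s\n' "$coder"
    fi
  done
}

# Constructed sample policies so the script runs stand-alone.
SAMPLE_DIR=$(mktemp -d)
HARDENED="$SAMPLE_DIR/hardened-policy.xml"     # all ghostscript coders blocked
PERMISSIVE="$SAMPLE_DIR/permissive-policy.xml" # PDF re-enabled by commenting it out

cat > "$HARDENED" <<'EOF'
<policymap>
  <policy domain="coder" rights="none" pattern="PS" />
  <policy domain="coder" rights="none" pattern="PS2" />
  <policy domain="coder" rights="none" pattern="PS3" />
  <policy domain="coder" rights="none" pattern="EPS" />
  <policy domain="coder" rights="none" pattern="PDF" />
  <policy domain="coder" rights="none" pattern="XPS" />
</policymap>
EOF

# Same file with the PDF line commented out: the kind of edit the message
# above describes for users who accept the risk of ghostscript on untrusted input.
sed 's|^\(  <policy .*pattern="PDF".*\)$|  <!-- \1 -->|' "$HARDENED" > "$PERMISSIVE"

unblocked_gs_coders "$HARDENED"    # prints nothing
unblocked_gs_coders "$PERMISSIVE"  # prints: PDF
```

Pair the result with an AppArmor profile as the message suggests; the policy only controls which coders ImageMagick will invoke, not what ghostscript can do once invoked.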
--
https://bugs.launchpad.net/bugs/1793485
Title:
segfault in png to gif conversion