The decision to modify the default ImageMagick policy to prevent calling Ghostscript was not made on behalf of any single flaw. There are 50 Ghostscript CVEs allocated after this bug report was opened.
PostScript was not designed to handle malicious inputs. Ghostscript was not designed to execute malicious inputs. We believe we made the right choice for our users in setting the default ImageMagick policy to prevent calling into the Ghostscript coders and do not intend to revisit this decision soon. A local site that has decided they would rather have the feature can re- enable it themselves if they choose to do so. I strongly recommend using AppArmor to confine all parts of the document processing pipeline -- there's been hundreds of CVEs between ImageMagick (603 in my database) and Ghostscript (165 in my database). This email from Tavis Ormandy provides excellent context: https://www.openwall.com/lists/oss-security/2018/08/21/2 Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1810517 Title: re-enable GhostScript in ImageMagick To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1810517/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
