[Pkg-gmagick-im-team] Bug#907336: imagemagick: Please consider disabling the ghostscript coder by default

Nicolas Braud-Santoni nicolas at braud-santoni.eu
Sun Aug 26 18:32:35 BST 2018


Package: imagemagick
Version: 8:6.9.10.8+dfsg-1
Severity: normal

Hi,

I would like to suggest disabling the ghostscript coder by default in
/etc/ImageMagick-6/policy.xml:

  <!-- Prevent executing Ghostscript -->
  <policy domain="coder" rights="none" pattern="{EPS,PS2,PS3,PS,PDF,XPS}" />


Ghostscript regularly has remote code execution vulnerabilities, like #907332,
and they are most often exploitable through ImageMagick.

I'm aware this breaks support for PostScript and PDF images, but it's not
obvious they are often used with ImageMagick (which is AFAIK meant for raster
graphics, not vector ones), and exposing our users to this security risk is
less than ideal.  :(

(Of course, users who rely on those formats being supported by IM can re-enable
 the coder in the policy.xml configuration file.)


Best,

  nicoo

-- Package-specific info:
ImageMagick program version
---------------------------
animate:  ImageMagick 6.9.10-8 Q16 x86_64 20180723 https://www.imagemagick.org
compare:  ImageMagick 6.9.10-8 Q16 x86_64 20180723 https://www.imagemagick.org
convert:  ImageMagick 6.9.10-8 Q16 x86_64 20180723 https://www.imagemagick.org
composite:  ImageMagick 6.9.10-8 Q16 x86_64 20180723 https://www.imagemagick.org
conjure:  ImageMagick 6.9.10-8 Q16 x86_64 20180723 https://www.imagemagick.org
display:  ImageMagick 6.9.10-8 Q16 x86_64 20180723 https://www.imagemagick.org
identify:  ImageMagick 6.9.10-8 Q16 x86_64 20180723 https://www.imagemagick.org
import:  ImageMagick 6.9.10-8 Q16 x86_64 20180723 https://www.imagemagick.org
mogrify:  ImageMagick 6.9.10-8 Q16 x86_64 20180723 https://www.imagemagick.org
montage:  ImageMagick 6.9.10-8 Q16 x86_64 20180723 https://www.imagemagick.org
stream:  ImageMagick 6.9.10-8 Q16 x86_64 20180723 https://www.imagemagick.org

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.17.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages imagemagick depends on:
ii  imagemagick-6.q16  8:6.9.10.8+dfsg-1

imagemagick recommends no packages.

imagemagick suggests no packages.

-- no debconf information
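A small audit script, added here as an example and not part of the bug report, that checks whether a policy.xml carries the rule proposed above: it parses the policy, expands the brace pattern and reports which Ghostscript-backed coders are still enabled. The two sample policies are constructed inline; treating pattern names case-insensitively is an assumption about ImageMagick's matching.

```python
"""Audit an ImageMagick policy.xml for the Ghostscript-backed coders."""
import re
import xml.etree.ElementTree as ET

# Coders that ImageMagick delegates to Ghostscript (the set named in the report).
GS_CODERS = {"EPS", "PS2", "PS3", "PS", "PDF", "XPS"}

# Constructed sample: a policy that says nothing about the Ghostscript coders.
OPEN_POLICY = """<policymap>
  <policy domain="resource" name="memory" value="256MiB"/>
</policymap>
"""

# Constructed sample: the same policy with the rule proposed in the report.
HARDENED_POLICY = """<policymap>
  <policy domain="resource" name="memory" value="256MiB"/>
  <!-- Prevent executing Ghostscript -->
  <policy domain="coder" rights="none" pattern="{EPS,PS2,PS3,PS,PDF,XPS}" />
</policymap>
"""


def expand_pattern(pattern: str) -> set[str]:
    """Expand a pattern such as "{EPS,PS,PDF}" into upper-cased coder names.

    A bare name ("PS") or the wildcard "*" is returned as-is; other glob
    syntax is not interpreted here (assumption: only braces and "*" occur).
    """
    m = re.fullmatch(r"\{(.*)\}", pattern.strip())
    names = m.group(1).split(",") if m else [pattern]
    return {n.strip().upper() for n in names if n.strip()}


def allowed_gs_coders(policy_xml: str) -> set[str]:
    """Return the Ghostscript-backed coders a policy does NOT fully deny."""
    denied: set[str] = set()
    for pol in ET.fromstring(policy_xml).iter("policy"):
        # Only rights="none" disables a coder outright; "read"/"write" do not.
        if pol.get("domain") != "coder" or pol.get("rights") != "none":
            continue
        names = expand_pattern(pol.get("pattern", ""))
        denied |= GS_CODERS if "*" in names else names
    return GS_CODERS - denied


if __name__ == "__main__":
    for label, xml in (("open", OPEN_POLICY), ("hardened", HARDENED_POLICY)):
        print(f"{label}: still enabled -> {sorted(allowed_gs_coders(xml))}")
```

Pointing `allowed_gs_coders` at the contents of /etc/ImageMagick-6/policy.xml gives a quick yes/no on whether the mitigation is in place on a given host.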
