[Pkg-gmagick-im-team] Bug#987504: imagemagick: attempt to perform an operation not allowed by the security policy `EPS'

[Paul Gevers]

Hi,

First off, thanks Adrian for raising the concern. In general, at this
stage we don't like packages breaking other packages.

On 28-04-2021 13:19, Adrian Bunk wrote:
>> No time for a more lenghty reply to this right now, but our point was
>> exactly to bring the same patch (already applied in the last DSA) as
>> well in bullseye's version as this was missing and discussed back then
>> and recently with the maintainer as well.
>>
>> If this is not the case yet, are bugs filled against those packages
>> you found to be failing to build now due to this change in stable and
>> unstable?
> 
> my question was exactly how to move forward here.

If I understand correctly, not having this patch in bullseye can be
considered a security regression.

> If everyone (including the release team) agrees that the imagemagick 
> change should stay and RC bugs be filed, I can do the bug filing.

I don't speak on behalf of the stable release managers, but I estimate
that they'll take fixes in stable for this issue too. So, if these bugs
aren't filed already (I would expect they may already be found and filed
because of rebuild campaigns or reproducible build failures), let's have
them filed (and fixed obviously). If they could be marked as blocking
this bug that would be great, such that we can judge what the progress
is to see when we want to let imagemagick into bullseye.

Paul

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-gmagick-im-team/attachments/20210519/64e77c5d/attachment.sig>