Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 921334

Summary: media-gfx/imagemagick-7.1.1.24: stabilisation
Product: Gentoo Linux Reporter: Alexis <flexibeast>
Component: StabilizationAssignee: Codec Project <codec>
Status: RESOLVED FIXED    
Severity: normal CC: dilfridge
Priority: Normal Keywords: CC-ARCHES
Version: unspecifiedFlags: nattka: sanity-check+
Hardware: All   
OS: Linux   
See Also: https://bugs.gentoo.org/show_bug.cgi?id=664236
https://bugs.gentoo.org/show_bug.cgi?id=716674
Whiteboard:
Package list:
media-gfx/imagemagick-7.1.1.24
 Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 917594    

Description Alexis 2024-01-04 07:16:00 UTC 
/etc/ImageMagick-7/policy.xml contains:

```
<!-- https://www.kb.cert.org/vuls/id/332928 mitigation / https://bugs.gentoo.org/664236 -->
  <policy domain="coder" rights="none" pattern="PS" />
  <policy domain="coder" rights="none" pattern="PS2" />
  <policy domain="coder" rights="none" pattern="PS3" />
  <policy domain="coder" rights="none" pattern="EPS" />
  <policy domain="coder" rights="none" pattern="PDF" />
  <policy domain="coder" rights="none" pattern="XPS" />
```

which prevents e.g. using convert(1) to convert image files to PDF, but https://bugs.gentoo.org/664236 is marked RESOLVED FIXED.

Users can comment out or remove the relevant 'policy' elements, of course, but should those elements no longer be there by default?

Reproducible: Always
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-01-04 07:17:40 UTC 
emerge -pvO media-gfx/imagemagick output is needed, as there were various changes here, and some are now conditional on USE flags.

See also the extensive discussion in bug 716674.
Comment 2 Alexis 2024-01-04 07:19:52 UTC 
Sure:

```
# emerge -pvO media-gfx/imagemagick

These are the packages that would be merged, in order:

[ebuild   R    ] media-gfx/imagemagick-7.1.1.11:0/7.1.1-43::gentoo  USE="X bzip2 cxx fontconfig jpeg openmp pango perl png svg tiff truetype webp xml zlib -corefonts -djvu -fftw -fpx -graphviz -hdri -heif -jbig -jpeg2k -jpegxl -lcms -lqr -lzma -opencl -openexr -postscript -q8 -q32 -raw -static-libs -test -wmf -zip" 0 KiB

Total: 1 package (1 reinstall), Size of downloads: 0 KiB
```
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-01-04 07:30:55 UTC 
Per bug 716674, the policy was dropped in 7.1.1.11-r1 (compared to your 7.1.1.11). Just need to stable something newer.
Comment 4 Alexis 2024-01-04 23:29:59 UTC 
(In reply to Sam James from comment #3)
> Per bug 716674, the policy was dropped in 7.1.1.11-r1 (compared to your
> 7.1.1.11). Just need to stable something newer.

Ah okay, thanks! (And sorry for not having supplied the version number in the bug title, i'll try to be more mindful of that in the future.)
Comment 5 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-01-05 03:58:02 UTC Comment hidden (obsolete)
Comment 6 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-01-05 03:58:45 UTC 
x86 done
Comment 7 Arthur Zamarin archtester Gentoo Infrastructure gentoo-dev Security 2024-01-05 05:32:45 UTC 
arm done
Comment 8 Arthur Zamarin archtester Gentoo Infrastructure gentoo-dev Security 2024-01-05 05:32:46 UTC 
arm64 done
Comment 9 Arthur Zamarin archtester Gentoo Infrastructure gentoo-dev Security 2024-01-05 05:32:48 UTC 
ppc done
Comment 10 Arthur Zamarin archtester Gentoo Infrastructure gentoo-dev Security 2024-01-05 05:32:50 UTC 
ppc64 done
Comment 11 Arthur Zamarin archtester Gentoo Infrastructure gentoo-dev Security 2024-01-05 05:32:51 UTC 
sparc done
Comment 12 Arthur Zamarin archtester Gentoo Infrastructure gentoo-dev Security 2024-01-05 05:32:53 UTC 
hppa done
Comment 13 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-01-05 05:34:24 UTC 
amd64 done