In certain cases, Postscript files could be read and written when specifically excluded by a module policy in policy.xml:
module
policy.xml
<policy domain="module" rights="none" pattern="PS" />
The issue has been resolved in ImageMagick 7.1.0-7 and 6.9.12-22.
Fortunately, in the wild, few users utilize the module policy and instead use the coder policy that is also our workaround recommendation:
coder
<policy domain="coder" rights="none" pattern="{PS,EPI,EPS,EPSF,EPSI}" />
If you have any questions or comments about this advisory:
Impact
In certain cases, Postscript files could be read and written when specifically excluded by a
modulepolicy inpolicy.xml:Patches
The issue has been resolved in ImageMagick 7.1.0-7 and 6.9.12-22.
Workarounds
Fortunately, in the wild, few users utilize the
modulepolicy and instead use thecoderpolicy that is also our workaround recommendation:For more information
If you have any questions or comments about this advisory: