Heads up for some ImageMagick changes

[znmeb]

There's a security update to ImageMagick that's winding its way through Homebrew and Linux distros that breaks PDF output in the magick package. I run Arch Linux and it hit me a few days ago when I did an update. See https://bugs.archlinux.org/task/60580 for the symptoms.

The workaround is here: https://bugs.archlinux.org/task/60580#comments. Note that this comment does not tell you which file you have to edit! It's an ImageMagick configuration file called "policy.xml"; you'll have to dig into the documentation for where it's stored on the system. On Arch it's /etc/ImageMagick-7/policy.xml.

Here's a link to the actual security issue: https://bugs.archlinux.org/task/59778

I can do a pull request for your documentation if you wish.

[jeroen]

I guess we can still use image_read_pdf() which uses the pdftools package?

[jeroen]

Ah wait this is about writing pdf?

[znmeb]

I am only reading SVGs, not PDFs. As I read the config file, though, it is saying "none" for anything that uses GhostScript:

  <policy domain="coder" rights="none" pattern="{PS,PS2,PS3,EPS,PDF,XPS}" />