Hi,
Adam Borowski writes:
> On Tue, Jul 18, 2017 at 10:07:35PM +0200, Adam Borowski wrote:
>> Actually, imagemagick is one of worst offenders here. The version in Jessie
>> is at deb8u9, and every security update tends to mention ~20 CVEs.
>
> ... aaaand, just hours later, here comes deb8u10:
>
> # Package : imagemagick
> # CVE ID : CVE-2017-9439 CVE-2017-9440 CVE-2017-9500 CVE-2017-9501
> # CVE-2017-10928 CVE-2017-11141 CVE-2017-11170
> # CVE-2017-11360 CVE-2017-11188
> # Debian Bug : 863126 867367 867778 867721 864273 864274 867806 868264
> # 868184 867810 867808 867811 867812 867896 867798 867821
> # 867824 867825 867826 867893 867823 867894 867897
Totally untested, but you might try to replace imagemagick with
graphicsmagick. It's at deb8u ;-)
Hope this helps,
--
Olaf Meeuwissen, LPIC-2 FSF Associate Member since 2004-01-27
GnuPG key: F84A2DD9/B3C0 2F47 EA19 64F4 9F13 F43E B8A4 A88A F84A 2DD9
Support Free Software https://my.fsf.org/donate
Join the Free Software Foundation https://my.fsf.org/join