The MagickWand interface is a new high-level C API interface to ImageMagick core methods. We discourage the use of the core methods and encourage the use of this API instead. Post MagickWand questions, bug reports, and suggestions to this forum.
2 posts • Page 1 of 1
Sorry if this question has already been answered somewhere but my searches have come up empty. We package VIPS with libmagickwand-dev Depends: libmagickwand5 (= 8:22.214.171.124-6ubuntu3), libmagickcore5-extra (= 8:126.96.36.199-6ubuntu3), libmagickcore-dev (= 8:188.8.131.52-6ubuntu3). Could the https://imagetragick.com vulnerability be exposed?
See https://www.imagemagick.org/discourse-s ... =4&t=29588. Add the suggested policies and you should be safe.