In ImageMagick before version 7.1.0-7, Postscript files could be read and written in certain cases when specifically excluded by a `module` policy in `policy.xml`.
In ImageMagick before version 7.1.0-7, Postscript files could be read and written in certain cases when specifically excluded by a `module` policy in `policy.xml`.
https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qvhr-jj4p-j2qr https://github.com/ImageMagick/ImageMagick/commit/35893e7cad78ce461fcaffa56076c11700ba5e4e https://github.com/ImageMagick/ImageMagick/commit/01faddbe2711a4156180c4a92837e2f23683cc68
Workaround ========== Fortunately, in the wild, few users utilize the `module` policy and instead use the `coder` policy that is also the recommended workaround: <policy domain="coder" rights="none" pattern="{PS,EPI,EPS,EPSF,EPSI}" />