[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#33587: [PROPOSED] Default to disabling ImageMagick
|
From: |
Glenn Morris |
|
Subject: |
bug#33587: [PROPOSED] Default to disabling ImageMagick |
|
Date: |
Tue, 04 Dec 2018 12:00:48 -0500 |
|
User-agent: |
Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/) |
David Engster wrote:
> Question is: will disabling Imagemagick by default also have an impact
> on how Emacs is shipped in distributions?
I don't know. It depends whether they go with the default configure
options or not.
> I don't think so, at least as long as they don't drop Imagemagick
> completely.
Note that Red Hat Enterprise Linux 8 _will_ drop ImageMagick completely
(though it will probably be available from an add-on repository),
presumably because they don't feel able to keep up with the security
issues. That's what prompted me to first raise this in
http://lists.gnu.org/r/emacs-devel/2018-12/msg00036.html
> If for instance Debian has to take care of Imagemagick security issues
> anyway, why shouldn't Emacs link to it?
(For reference:
https://security-tracker.debian.org/tracker/source-package/imagemagick )
Because one can never guarantee all security issues are fixed, and if a
project has a history of having a lot of them, it may be considered
likely to be insecure. Also there are the various Emacs crash reports
due to ImageMagick.