Imagick security issue, theming can't be disabled

iszabo · August 10, 2023, 5:14am

Hi,

Theming app requires imagick package, however it has a vulnerability that can be fixed only with ubuntu pro esm

I’ve uninstalled the vulnerable packages but now my pretty green all ok changed to orange with the warning:

The PHP module “imagick” is not enabled although the theming app is. For favicon generation to work correctly, you need to install and enable this module.

I’ve tried to disable the theming app, but

theming can't be disabled.

Is there a way to fix this with free ubuntu 22.04 LTS?
My nextcloud is 27.

bb77 · August 10, 2023, 5:59am

It has tons of vulnerabilities… but not all of them are critical, and not all of them do affect all Ubuntu releases, according to your link.

Not an official way, and I wouldn’t recommend to manually replace the package, or load it from some random PPA (if any exist), except you know exactley what you’re doing. However you can register five computers for free… Ubuntu Pro | Ubuntu

Free for personal use

Anyone can use Ubuntu Pro for free on up to 5 machines, or 50 if you are an official Ubuntu Community member.

iszabo · August 10, 2023, 6:32am

Free for personal use

That’s the issue, it’s not personal use.

bb77 · August 10, 2023, 8:15am

Well, then you probably have to pay if you want that Extended Security Maintainance. Or you could use a free (as in freedom) distro like Debian which backports a lot of security fixes, and most if not all of the critical ones. Or maybe you could use a derivative of an enterprise distro that you don’t have to pay for (openSUSE leap comes to mind).