Ghostscript, and apps that use it such as ImageMagick, are vulnerable to arbitrary command execution as the result of parsing a crafted file. There is currently no fix. Only a workaround for ImageMagick so far:https://www.kb.cert.org/vuls/id/332928
Is it correct that GraphicsMagick doesn't contain the equivalent of a policy.xml file like ImageMagick uses? If so, then GraphicsMagick users are quite at risk here, with perhaps no workaround short of uninstalling Ghostscript.