Re: Developer forum is murdering ImageMagick
Some people DID migrate!
In any case, at heart IM is mostly just a pile of script tools for image manipulation. I don't think it was ever meant to be terribly secure, it's supposed to be on the "quick'n dirty" side of the spectrum. GraphicsMagick is not _terrifically_ better either. In fact, batch image manipulation tools and libraries are notoriously hard to make both useful and secure because of the tendency (by all "image format vendors") to include more and more "bells and whistles", notably in the meta-information. I tend to trust PIL somewhat, mostly because I know how to prevent Python from doing stupid things, but even then I always keep a close eye on what can happen with it.
In my IM days I used to have a few sanitization scripts which I think kept my systems relatively safe, mostly by pre-emptively removing all but pixel information, but not all image formats work well with that approach, obviously.