Univention Bugzilla – Bug 41441
graphicsmagick: Multiple issues (4.1)
Last modified: 2016-09-21 21:27:30 CEST
Upstream Debian package version 1.3.16-1.1+deb7u2 fixes this new issue:
* command injection vulnerability. An attacker with control on input image or the input filename can execute arbitrary commands with the privileges of the user running the application (CVE-2016-5118)
Update was build to scope errata4.1-2.
Advisory is in r69938.
* source package version 1.3.16-1.1+deb7u2 imported and built
* binary package updatable
* advisory ok