Univention Bugzilla – Bug 41441
graphicsmagick: Multiple issues (4.1)
Last modified: 2016-09-21 21:27:30 CEST
Upstream Debian package version 1.3.16-1.1+deb7u2 fixes this new issue: * command injection vulnerability. An attacker with control on input image or the input filename can execute arbitrary commands with the privileges of the user running the application (CVE-2016-5118)
Update was build to scope errata4.1-2. Advisory is in r69938.
* source package version 1.3.16-1.1+deb7u2 imported and built * binary package updatable * advisory ok
<http://errata.software-univention.de/ucs/4.1/200.html>