Univention Bugzilla – Bug 41439
imagemagick: Multiple issues (4.1)
Last modified: 2016-09-21 21:27:34 CEST
Upstream Debian package version 8:6.7.7.10-5+deb7u6 fixes this new issue: * command injection vulnerability. An attacker with control on input image or the input filename can execute arbitrary commands with the privileges of the user running the application (CVE-2016-5118)
Update was build to scope errata4.1-2. Advisory is in r69938.
* source package version 8:6.7.7.10-5+deb7u6 imported and built * binary package updatable * advisory ok
<http://errata.software-univention.de/ucs/4.1/202.html>