Univention Bugzilla – Bug 41440
imagemagick: Multiple issues (3.3)
Last modified: 2016-09-21 21:27:27 CEST
+++ This bug was initially created as a clone of Bug #41439 +++ Upstream Debian package version 8:6.7.7.10-5+deb7u6 fixes this new issue: * command injection vulnerability. An attacker with control on input image or the input filename can execute arbitrary commands with the privileges of the user running the application (CVE-2016-5118)
Update was build to scope errata3.3-0. Advisory is in r69938.
* source package version 8:6.7.7.10-5+deb7u6 imported and built * binary package updatable * advisory ok
<http://errata.software-univention.de/ucs/3.3/8.html>