diff options
author | Simon McVittie <smcv@debian.org> | 2016-05-05 23:17:45 +0100 |
---|---|---|
committer | Simon McVittie <smcv@debian.org> | 2016-05-05 23:43:50 +0100 |
commit | 170cd41489ab25fc3b7a95dd31521dfe522b4f9e (patch) | |
tree | a6ce0d308d7304451ec646c3744e24aff7d8853d /NEWS | |
parent | 545a7bbbf07dd2375a96eae09f9abd6329a919e5 (diff) | |
download | ikiwiki-170cd41489ab25fc3b7a95dd31521dfe522b4f9e.tar ikiwiki-170cd41489ab25fc3b7a95dd31521dfe522b4f9e.tar.gz |
img: check magic number before giving common formats to ImageMagick
This mitigates CVE-2016-3714 and similar vulnerabilities by
avoiding passing obviously-wrong input to ImageMagick decoders.
Diffstat (limited to 'NEWS')
0 files changed, 0 insertions, 0 deletions