[Pkg-gmagick-im-team] Bug#601824: imagemagick: reads config files from cwd

Nelson A. de Oliveira naoliv at debian.org
Sat Oct 30 02:00:42 UTC 2010

Hi Jakub!

On Fri, Oct 29, 2010 at 11:43 PM, Jakub Wilk <jwilk at debian.org> wrote:
> ImageMagick reads several configuration files[0] from the current working
> directory. Unfortunately, this allows local attackers to execute arbitrary
> code if ImageMagick is run from an untrusted directory.

I have confirmed it here and forwarded upstream.

Thank you!

Best regards,

More information about the Pkg-gmagick-im-team mailing list