Hi Brian, Thank you for you answer.
On Thu, May 5, 2016 at 9:52 AM, Brian May <b...@debian.org> wrote: > Thanks for you email. > Looks like imagemagick in wheezy is vulnerable to CVE-2016-3714 to > CVE-2016-3718. > https://security-tracker.debian.org/tracker/source-package/imagemagick > If I correctly understand you, if both of the patches you mention are > applied to imagemagick, this will completely fix CVE-2016-3714? Yes indeed. https://github.com/ImageMagick/ImageMagick/commit/06c41aba39b97203f6b9a0be6a2ccf8888cddc93 https://github.com/ImageMagick/ImageMagick/commit/a347456a1ef3b900c20402f9866992a17eb5d181 It should be applied to both wheezy and jessie. -- William