It's a little unclear how this only warrants a severity of "medium" given that it is a full remote code execution exploit with actual weaponized code in the wild.
** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-3718 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-3715 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-3716 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-3717 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1578398 Title: ImageMagick Security Issue reported yesterday To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/imagemagick/+bug/1578398/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs