Jon, severity in launchpad is mostly unused. (Maybe some teams use it
but I'm not aware of them.) Issues that the Ubuntu Security Team tracks
are on the Ubuntu CVE Tracker:
https://people.canonical.com/~ubuntu-security/cve/pkg/imagemagick.html
Now the bad news -- I don't think the upstream develo
It's a little unclear how this only warrants a severity of "medium"
given that it is a full remote code execution exploit with actual
weaponized code in the wild.
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3718
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi
** Information type changed from Private Security to Public Security
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-3714
** Also affects: imagemagick (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: imagemagick (Ubuntu Trusty)
Importance: Und
