Changelog
variety (0.6.3-5+deb9u1) stretch; urgency=medium
* Backport various security fixes from Variety 0.6.6:
- Fix shell injection on deleting files to trash, from upstream commit
https://github.com/varietywalls/variety/commit/475a5e076b9c8c7c83176214f84455dc78834723
- Fix shell injection in filter and clock with specially crafted
filenames; upstream commit
https://github.com/varietywalls/variety/commit/65722237baa996b0ef2389cea693bfeeba62b224
- Harden ImageMagick calls against potential shell injection:
https://github.com/varietywalls/variety/commit/a7c134ecd494bb878c73df9f65cb838dbb57413a
-- James Lu <email address hidden> Tue, 14 Nov 2017 12:42:11 -0800