Fix CVE-2016-5118 (popen() shell vulnerability via filename). https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5118 Upstream patch copied from the bug announcement: http://seclists.org/oss-sec/2016/q2/432 https://marc.info/?l=oss-security&m=146455222600609&w=2 diff -r 33200fc645f6 magick/blob.c --- a/magick/blob.c Sat Nov 07 14:49:16 2015 -0600 +++ b/magick/blob.c Sun May 29 14:12:57 2016 -0500 @@ -68,6 +68,7 @@ */ #define DefaultBlobQuantum 65541 +#undef HAVE_POPEN /* Enum declarations.