There's a reported ImageMagick security vulnerability making the rounds:
Many MediaWiki sites are configured to use ImageMagick's 'convert' command
to perform image rescaling/thumbnailing, so it's worth double-checking that
everything is secure...
MediaWiki already performs file type validation checks on uploads, which
*should* prevent exploitation of the vulnerability for the standard image
types (JPEG, PNG, GIF, SVG etc) -- this is one of the recommended
mitigation strategies. But I am not confident enough to pronounce us immune
without actually checking!
Some folks are also recommending tweaking the ImageMagick policy.xml to
disable the most dangerous code modules; see the article linked above for