There's a reported ImageMagick security vulnerability making the rounds: http://arstechnica.com/security/2016/05/easily-exploited-bug-exposes-huge-nu...

Many MediaWiki sites are configured to use ImageMagick's 'convert' command to perform image rescaling/thumbnailing, so it's worth double-checking that everything is secure...

MediaWiki already performs file type validation checks on uploads, which *should* prevent exploitation of the vulnerability for the standard image types (JPEG, PNG, GIF, SVG etc) -- this is one of the recommended mitigation strategies. But I am not confident enough to pronounce us immune without actually checking!

Some folks are also recommending tweaking the ImageMagick policy.xml to disable the most dangerous code modules; see the article linked above for further links.

-- brion