Debian Linux Security Advisory 3445-1 - Javantea discovered that pygments, a generic syntax highlighter, is prone to a shell injection vulnerability allowing a remote attacker to execute arbitrary code via shell metacharacters in a font name.
be20283f27cd754080667c6aa5832f53b7aa71a80cf88dd6308d581511d9b578