diff -up ImageMagick-6.9.10-68/coders/pdf.c.authenticate ImageMagick-6.9.10-68/coders/pdf.c
--- ImageMagick-6.9.10-68/coders/pdf.c.authenticate 2019-10-06 00:26:16.000000000 +0200
+++ ImageMagick-6.9.10-68/coders/pdf.c 2020-12-18 09:59:52.319382761 +0100
@@ -364,6 +364,36 @@ static inline void CleanupPDFInfo(PDFInf
 pdf_info->profile=DestroyStringInfo(pdf_info->profile);
 }
 
+static char *SanitizeDelegateString(const char *source)
+{
+ char
+ *sanitize_source;
+
+ const char
+ *q;
+
+ register char
+ *p;
+
+ static char
+#if defined(MAGICKCORE_WINDOWS_SUPPORT)
+ whitelist[] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789 "
+ "$-_.+!;*(),{}|^~[]`\'><#%/?:@&=";
+#else
+ whitelist[] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789 "
+ "$-_.+!;*(),{}|\\^~[]`\"><#%/?:@&=";
+#endif
+
+ sanitize_source=AcquireString(source);
+ p=sanitize_source;
+ q=sanitize_source+strlen(sanitize_source);
+ for (p+=strspn(p,whitelist); p != q; p+=strspn(p,whitelist))
+ *p='_';
+ return(sanitize_source);
+}
+
 static Image *ReadPDFImage(const ImageInfo *image_info,ExceptionInfo *exception)
 {
 char
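Review bot: SanitizeDelegateString has no comment stating that its output is only safe inside the quote style the caller wraps it in. Both whitelists still pass shell-significant characters such as `$`, `;`, `|`, `&` and the backtick; what each branch leaves out is the matching quote character (`'` on the non-Windows branch, `"` and `\` on the Windows branch), so a later caller that embeds the result unquoted, or inside the other quote style, would undo the protection. I would add a header comment saying that every byte outside the whitelist is replaced by `_`, that the result must be placed inside single quotes on non-Windows builds and double quotes on Windows builds, and that the caller releases it with DestroyString(). The table is never written in this function, so `static const char` describes it better than `static char`.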
@@ -585,11 +615,19 @@ static Image *ReadPDFImage(const ImageIn
 if (option != (char *) NULL)
 {
 char
- passphrase[MaxTextExtent];
+ passphrase[MagickPathExtent],
+ *sanitize_passphrase;
 
- (void) FormatLocaleString(passphrase,MaxTextExtent,
- "\"-sPDFPassword=%s\" ",option);
- (void) ConcatenateMagickString(options,passphrase,MaxTextExtent);
+ sanitize_passphrase=SanitizeDelegateString(image_info->authenticate);
+#if defined(MAGICKCORE_WINDOWS_SUPPORT)
+ (void) FormatLocaleString(passphrase,MagickPathExtent,
+ "\"-sPDFPassword=%s\" ",sanitize_passphrase);
+#else
+ (void) FormatLocaleString(passphrase,MagickPathExtent,
+ "'-sPDFPassword=%s' ",sanitize_passphrase);
+#endif
+ sanitize_passphrase=DestroyString(sanitize_passphrase);
+ (void) ConcatenateMagickString(options,passphrase,MagickPathExtent);
 }
 read_info=CloneImageInfo(image_info);
 *read_info->magick='\0';
diff -up ImageMagick-6.9.10-68/config/delegates.xml.in.authenticate ImageMagick-6.9.10-68/config/delegates.xml.in
--- ImageMagick-6.9.10-68/config/delegates.xml.in.authenticate 2019-10-06 00:26:16.000000000 +0200
+++ ImageMagick-6.9.10-68/config/delegates.xml.in 2020-12-18 10:02:24.491442232 +0100
@@ -90,8 +90,8 @@ - - + +
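Review bot: In the ReadPDFImage hunk of coders/pdf.c the block is still guarded by `if (option != (char *) NULL)`, but the string that gets sanitized is now `image_info->authenticate` rather than `option`. The assignment of `option` lies outside the hunk (ReadPDFImage starts and ends outside it), so whether the two always agree cannot be confirmed here; if `option` can be set while `image_info->authenticate` is not, the value checked and the value handed to the delegate differ. Passing the guarded value, `sanitize_passphrase=SanitizeDelegateString(option);`, keeps the check and the use on the same string. The FormatLocaleString result is also discarded, so a passphrase that does not fit in MagickPathExtent would be cut off before the closing quote; comparing the return value with the buffer size and skipping the option on overflow would avoid giving the delegate command an unterminated quoted argument.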