ImageMagick and GraphicsMagick encounter a read beyond an allocated heap buffer when reading CMYKA TIFF files which claim to offer fewer samples per pixel than required. A maliciously crafted file could cause the application to crash. References: http://seclists.org/oss-sec/2017/q1/494 Upstream patch: https://sourceforge.net/p/graphicsmagick/code/ci/6156b4c2992d855ece6079653b3b93c3229fc4b8/
Created GraphicsMagick tracking bugs for this issue: Affects: epel-all [bug 1427979] Affects: fedora-all [bug 1427977] Created ImageMagick tracking bugs for this issue: Affects: fedora-all [bug 1427978]