GraphicsMagick 1.3.26 has a denial of service issue in ReadXBMImage() in a coders/xbm.c "Read hex image data" version!=10 case that results in the reader not returning; it would cause large amounts of CPU and memory consumption although the crafted file itself does not request it. Upstream patch: http://hg.code.sf.net/p/graphicsmagick/code/rev/233a720bfd5e References: http://openwall.com/lists/oss-security/2017/08/31/2
Created GraphicsMagick tracking bugs for this issue: Affects: epel-all [bug 1488444]
Created GraphicsMagick tracking bugs for this issue: Affects: fedora-all [bug 1475495]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.