ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage. An attacker can use this issue to crash the application. Upstream issue: https://sourceforge.net/p/graphicsmagick/bugs/469/ Upstream patches: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=93bdb9b30076 http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=df946910910d
Created GraphicsMagick tracking bugs for this issue: Affects: epel-all [bug 1494551] Affects: fedora-all [bug 1494552]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.