GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file, because of a heap-based buffer over-read. The portion of the code containing the vulnerability is responsible for printing the IPTC Profile information contained in the image. This vulnerability can be triggered with a specially crafted MIFF file. There is an out-of-bounds buffer dereference because certain increments are never checked. GM has it in magick/image.c and IM has it in magick/identify.c Upstream patch: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=e4e1c2a581d8 References: https://blogs.securiteam.com/index.php/archives/3494
Created GraphicsMagick tracking bugs for this issue: Affects: epel-all [bug 1512049] Created ImageMagick tracking bugs for this issue: Affects: fedora-all [bug 1512048]
Created GraphicsMagick tracking bugs for this issue: Affects: fedora-all [bug 1515317]