A vulnerability was found in ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c. Reference: https://github.com/ImageMagick/ImageMagick/issues/1522
Created ImageMagick tracking bugs for this issue: Affects: fedora-all [bug 1732295]
Upstream patches: https://github.com/ImageMagick/ImageMagick/commit/ee3dae8624e69261760754442827aea4d0254a6f https://github.com/ImageMagick/ImageMagick6/commit/27b1c74979ac473a430e266ff6c4b645664bc805
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:1180 https://access.redhat.com/errata/RHSA-2020:1180
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-12979