The ReadOneJNGImage function in coders/png.c in ImageMagick 6.9.9-4 and 7.0.6-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. Upstream bug: https://github.com/ImageMagick/ImageMagick/issues/632
Created ImageMagick tracking bugs for this issue: Affects: fedora-all [bug 1477070]