In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service. Upstream issue: https://github.com/ImageMagick/ImageMagick/issues/621 Upstream patch: https://github.com/ImageMagick/ImageMagick/commit/0de8fd616b92888a7e3d0f640fbb2d397d093944