A flaw was found in GraphicsMagick 1.3.27a. A 1 byte heap-based buffer over-read in ReadOneJNGImage function in coders/png.c, related to oFFs chunk allocation, that could lead to information disclosure or denial of service. Upstream bug: https://sourceforge.net/p/graphicsmagick/bugs/530/ Upstream patch: http://hg.graphicsmagick.org/hg/GraphicsMagick?cmd=changeset;node=8e3d2264109c
Created GraphicsMagick tracking bugs for this issue: Affects: epel-all [bug 1528037] Affects: fedora-all [bug 1528038]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.