A flaw was found in ImageMagick 7.0.7-28. A memory leak vulnerability in ReadBGRImage in coders/bgr.c which could lead to a Denial of Service attack. References: https://github.com/ImageMagick/ImageMagick/issues/1051 Upstream Patch: https://github.com/ImageMagick/ImageMagick/commit/53060aa22a3767a46a9ddb4ef32e7fa061a1da34
Created ImageMagick tracking bugs for this issue: Affects: fedora-all [bug 1636591]
Statement: This issue affects the versions of ImageMagick as shipped with Red Hat Enterprise Linux 6 and 7. This issue did not affect the versions of ImageMagick as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Low, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
openshift-enterprise-3: This has been rated as having a security impact of Low. Affected OpenShift containers will inherit fixes once they land in Red Hat Enterprise Linux 7 packaging and containers are rebuilt. Removed openshift-enterprise-3 from whiteboard.