ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows. Upstream Issue: https://github.com/ImageMagick/ImageMagick/issues/1615
Created ImageMagick tracking bugs for this issue: Affects: fedora-all [bug 1730352]
Upstream patches: https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe https://github.com/ImageMagick/ImageMagick/commit/025e77fcb2f45b21689931ba3bf74eac153afa48
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:1180 https://access.redhat.com/errata/RHSA-2020:1180
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-13307