CVE-2009-1882 is currently under review, but there's a fix for this issue in project's CVS HEAD. Attached pathes could be applied against GraphicsMagick 1.3.7. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1882 Reproducible: Always Steps to Reproduce:
Created attachment 211753 [details, diff] [1/2] vulnerability fix
Created attachment 211754 [details, diff] [2/2] vulnerability fix
Created attachment 211755 [details, diff] One more patch that should improve the security
These patches has been added to the portage tree on January 11, 2009. Should this bug be closed now?
GraphicsMagick 1.3.7 has been removed from the Portage tree on February 14, 2010. Newer versions have this bug fixed. This report is quite objectless now and should be closed.
Closing NOGLSA, as there never was a stable version.