In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.
Upstream bug: https://github.com/ImageMagick/ImageMagick/issues/467
Upstream patch: e3c6338e3a1fe003abf581b5f99f20d94c520e7e
Fixed since upstream release v6.9.8-5, which is not yet available in the Gentoo repository.
Stabilization will happen in bug 612668.
GLSA Vote: No