From $URL: The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files. References: http://www.securityfocus.com/bid/99504 http://hg.code.sf.net/p/graphicsmagick/code/rev/4d0baa77245b Solution: Updates are available. Patch: http://hg.code.sf.net/p/graphicsmagick/code/rev/b4139088b49a
The commit mentions: JNG: Fix double frees caused by changeset 15060:d445af60a8d5 commited on 2017-07-06 However the tag for 1.3.26 was done on: Tue, 04 Jul 2017 16:31:33 -0500 (9 days ago) i.e. the issue didn't go in any release
Good to know ago, thanks
*** Bug 629954 has been marked as a duplicate of this bug. ***