CVE-2016-10070 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-10070): Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.
Fixed by upstream since 6.9.4.0. Landed in Gentoo via bf1360d003a494888c306a9b8ae00452861d13f9 in 6.9.4.1. Current stable version in Gentoo repository is 6.9.7.4. All done.