Graphicsmagick is vulnerable to the same heap overflow as Imagemagick - see bug 90423.
Bug filed upstream at https://sourceforge.net/tracker/index.php?func=detail&aid=1190872&group_id=73485&atid=537937.
See bug 90423, this may be considered a crash bug rather than a vulnerability.
*** Bug 91301 has been marked as a duplicate of this bug. ***
Taviso confirmed this is a DoS issue. Please provide an updated ebuild.
Bumped to 1.1.6 + stabled x86.
Stable on ppc.
DoS issue not fixed. We'll wait on the main imagemagick fix.
Is the xwd DoS thing present in graphicsmagick too ? Or just the unexploitable PNM overflow thing ?
yep, it shares the xwd code that causes the DoS.
OK, we need to push this upstream then...
upstream contacted as requested.
Upstream patched it here :
and mentions Tavis in their Changelog :
Not yet in an official release. kloeri, feel like to bump the current one with
the patch ?
Just committed -1.1.6-r1 with the patch included.
PPC, please test and stable.