From URL: Description: The WritePICONImage function in coders/xpm.c in ImageMagick 7.0.6-4 allows remote attackers to cause a denial of service (memory leak) via a crafted file.
@Security The bug was already fixed by upstream and tree is clean. The only affected version was non-stable so dropped to ~3, we only need to add CVE. Thanks Gentoo Security Padawan ChrisADR