Off-by-one error in the DrawImage function in magick/render.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (DrawDashPolygon heap-based buffer over-read and application crash) via a crafted file.
@maintainer(s), after bump, please call for stabilization if needed, thank you.
Daj Uan (jmbailey/mbailey_j)
Gentoo Securty Padawan
@maintainer(s), please clean the vulnerable version from the tree.
cleanup will be tracked in bug #640690
GLSA Vote: No