graphicsmagick: Use-after-free in CloseBlob (CVE-2017-11403)
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26
has an out-of-order CloseBlob call,
resulting in a use-after-free via a crafted file.
References:
http://openwall.com/lists/oss-security/2017/07/18/1
https://nvd.nist.gov/vuln/detail/CVE-2017-11403
Patch:
http://hg.code.sf.net/p/graphicsmagick/code/rev/d0a76868ca37
(from redmine: issue id 7547, created on 2017-07-19, closed on 2017-08-04)
- Relations:
- child #7548 (closed)
- child #7549 (closed)
- Changesets:
- Revision f1d3663a by Francesco Colista on 2017-08-04T14:26:13Z:
community/graphicsmagick: fix CVE-2017-11403. Fixes #7547