graphicsmagick: A heap-based buffer overflow in ReadMNGImage in coders/png.c (CVE-2020-12672)

GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.

References:

• https://nvd.nist.gov/vuln/detail/CVE-2020-12672
• https://security-tracker.debian.org/tracker/CVE-2020-12672

Patch:

https://sourceforge.net/p/graphicsmagick/code/ci/50395430a37188d0d197e71bd85ed6dd0f649ee3/

Affected branches:

• master
• 3.12-stable