graphicsmagick: A heap-based buffer overflow in ReadMNGImage in coders/png.c (CVE-2020-12672)
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
References:
- https://nvd.nist.gov/vuln/detail/CVE-2020-12672
- https://security-tracker.debian.org/tracker/CVE-2020-12672
Patch:
https://sourceforge.net/p/graphicsmagick/code/ci/50395430a37188d0d197e71bd85ed6dd0f649ee3/
Affected branches:
- master
- 3.12-stable
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information