[3.7] graphicsmagick: Use-after-free in CloseBlob (CVE-2017-11403)
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file.
References:
http://openwall.com/lists/oss-security/2017/07/18/1
https://nvd.nist.gov/vuln/detail/CVE-2017-11403
Patch:
http://hg.code.sf.net/p/graphicsmagick/code/rev/d0a76868ca37
(from redmine: issue id 7548, created on 2017-07-19, closed on 2017-08-04)
- Relations:
  - parent #7547 (closed)