imagemagick is vulnerable to arbitrary code execution. A stack-based buffer overflow in coders/pnm.c
in WritePNMImage
due to an off-by-one error in strncpy
allows an attacker to execute arbitrary code on the system.
lists.opensuse.org/opensuse-security-announce/2019-08/msg00069.html
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index
access.redhat.com/errata/RHSA-2020:1180
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1743658
bugzilla.redhat.com/show_bug.cgi?id=1764595
bugzilla.redhat.com/show_bug.cgi?id=1765205
bugzilla.redhat.com/show_bug.cgi?id=1765208
bugzilla.redhat.com/show_bug.cgi?id=1765211
github.com/ImageMagick/ImageMagick/commit/29efd648f38b73a64d73f14cd2019d869a585888
github.com/ImageMagick/ImageMagick/issues/1613
github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d
lists.debian.org/debian-lts-announce/2019/08/msg00021.html
usn.ubuntu.com/4192-1/
www.debian.org/security/2020/dsa-4712
www.debian.org/security/2020/dsa-4715