I don't think this has been brought up here yet, but could a CVE be
provided for the following?

A vulnerability has been reported in GraphicsMagick, which can be

exploited by malicious people to cause a DoS (Denial of Service).


The vulnerability is caused due to an error within the

"ExportAlphaQuantumType()" function (magick/export.c) when exporting 8-bit RGBA images and can be exploited

to cause a crash.

The vulnerability is reported in versions prior to 1.3.18.

References:

https://bugs.gentoo.org/show_bug.cgi?id=488050
http://sourceforge.net/p/graphicsmagick/discussion/250737/thread/20888e8b/
https://secunia.com/advisories/55288/
http://sourceforge.net/p/graphicsmagick/code/ci/1a2d7a38363f7f23b63d626887d22d39c7240144/
https://bugzilla.redhat.com/show_bug.cgi?id=1019085
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729661


--

Vincent Danen / Red Hat Security Response Team