diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2016-11-25 06:23:39 +0000 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2016-11-25 06:23:39 +0000 |
| commit | 4e06c07e20fc36b7e71a8a0bfc4bd24150fd619f (patch) | |
| tree | 08b280d4e1c64441c8a401f065b7d9f94e03867d | |
| parent | 2b5dbb9787f323c9064c33627269b40744124bc0 (diff) | |
Add fixing commit for CVE-2016-8862
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@46526 e39458fd-73e7-0310-bf30-c45bca0a0e42
| -rw-r--r-- | data/CVE/list.2016 | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/data/CVE/list.2016 b/data/CVE/list.2016 index bf74b1b629..6c2341b619 100644 --- a/data/CVE/list.2016 +++ b/data/CVE/list.2016 @@ -2395,7 +2395,8 @@ CVE-2016-8862 [imagemagick: memory allocation failure in AcquireMagickMemory (me RESERVED - imagemagick <unfixed> NOTE: https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/ - NOTE: that the initial patch was incomplete and resulted in CVE-2016-8866. So when fixing + NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/aea6c6507f55632829e6432f8177a084a57c9fcc + NOTE: The initial patch was initiall meant to be incomplete and resulted in CVE-2016-8866. So when fixing NOTE: this CVE make sure to fix it completely to not open up CVE-2016-8866. NOTE: The "incomplete fix" though is not a real problem, cf. https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30908#p140255 NOTE: http://www.openwall.com/lists/oss-security/2016/10/17/4 |