[Secure-testing-commits] r45369 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-10-16 11:47:14 +0000 (Sun, 16 Oct 2016)
New Revision: 45369

Modified:
   data/CVE/list
Log:
Add reference for CVE-2016-8690

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-10-16 11:42:23 UTC (rev 45368)
+++ data/CVE/list	2016-10-16 11:47:14 UTC (rev 45369)
@@ -52,6 +52,7 @@
 CVE-2016-8690 [SEGV on unknown address ... bmp_getdata ... bmp_dec.c]
 	- jasper <unfixed>
 	NOTE: CVE ID for the first and fifth items of http://www.openwall.com/lists/oss-security/2016/08/23/6 post
+	NOTE: https://blogs.gentoo.org/ago/2016/10/16/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c/
 CVE-2016-8689
 	- libarchive <unfixed> (bug #840934)
 	NOTE: https://blogs.gentoo.org/ago/2016/09/11/libarchive-bsdtar-heap-based-buffer-overflow-in-read_header-archive_read_support_format_7zip-c/