[Secure-testing-commits] r45705 - data/CVE

[Antoine Beaupré]

Author: anarcat
Date: 2016-10-28 13:06:20 +0000 (Fri, 28 Oct 2016)
New Revision: 45705

Modified:
   data/CVE/list
Log:
Summary: add patch note for CVE-2014-9850


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-10-28 12:51:24 UTC (rev 45704)
+++ data/CVE/list	2016-10-28 13:06:20 UTC (rev 45705)
@@ -12332,6 +12332,8 @@
 CVE-2014-9850 [incorrect handling of thread limit 0]
 	RESERVED
 	- imagemagick 8:6.8.9.9-4 (bug #773834)
+	NOTE: patch supposed to be https://anonscm.debian.org/cgit/collab-maint/imagemagick.git/patch/?id=2257d1eadd02d89d225fce21013a1219d221dc7d
+	NOTE: however, that patch makes no sense: it checks an uninitialized value
 CVE-2014-9851 [In psd file handling fixed parsing resource block and avoid a crash]
 	RESERVED
 	- imagemagick 8:6.8.9.9-4 (bug #773834)