[Secure-testing-commits] r55412 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-09-03 13:14:09 +0000 (Sun, 03 Sep 2017)
New Revision: 55412

Modified:
   data/CVE/list
Log:
Add bug reference for CVE-2017-14041

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-09-03 13:02:34 UTC (rev 55411)
+++ data/CVE/list	2017-09-03 13:14:09 UTC (rev 55412)
@@ -1054,7 +1054,7 @@
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-08/msg05201.html
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1486400
 CVE-2017-14041 (A stack-based buffer overflow was discovered in the pgxtoimage function ...)
-	- openjpeg2 <unfixed>
+	- openjpeg2 <unfixed> (bug #874115)
 	NOTE: Fixed by: https://github.com/uclouvain/openjpeg/commit/e5285319229a5d77bf316bb0d3a6cbd3cb8666d9
 	NOTE: Reproducer: https://blogs.gentoo.org/ago/2017/08/28/openjpeg-stack-based-buffer-overflow-write-in-pgxtoimage-convert-c/
 	NOTE: https://github.com/uclouvain/openjpeg/issues/997