Add fixing commit for CVE-2016-8862

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@46526 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Salvatore Bonaccorso <carnil@debian.org> 2016-11-25 06:23:39 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2016-11-25 06:23:39 +0000
commit: 647b289842aa100d7e83e16404486f0e652e10a8 (patch)
tree: 21a88192492e8c8caa38b98b8cc7b3fa3b50a832
parent: ebd7321b5c48b4c5790fd7405c254368ce60af2f (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 7e117b28d2..16ba20fb4d 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2460,7 +2460,8 @@ CVE-2016-8862 [imagemagick: memory allocation failure in AcquireMagickMemory (me
 	RESERVED
 	- imagemagick <unfixed>
 	NOTE: https://blogs.gentoo.org/ago/2016/10/17/imagemagick-memory-allocation-failure-in-acquiremagickmemory-memory-c/
-	NOTE: that the initial patch was incomplete and resulted in CVE-2016-8866. So when fixing
+	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick/commit/aea6c6507f55632829e6432f8177a084a57c9fcc
+	NOTE: The initial patch was initiall meant to be incomplete and resulted in CVE-2016-8866. So when fixing
 	NOTE: this CVE make sure to fix it completely to not open up CVE-2016-8866.
 	NOTE: The "incomplete fix" though is not a real problem, cf. https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=30908#p140255
 	NOTE: http://www.openwall.com/lists/oss-security/2016/10/17/4
author	Salvatore Bonaccorso <carnil@debian.org>	2016-11-25 06:23:39 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2016-11-25 06:23:39 +0000
commit	647b289842aa100d7e83e16404486f0e652e10a8 (patch)
tree	21a88192492e8c8caa38b98b8cc7b3fa3b50a832
parent	ebd7321b5c48b4c5790fd7405c254368ce60af2f (diff)