Salvatore Bonaccorso <[email protected]> writes: > See the discussion about this on > http://www.openwall.com/lists/oss-security/2016/05/03/19 though.
Thanks for this. I did see it at the time, however didn't get a chance yet to read it properly. Also see the comment at the bottom of https://github.com/ImageMagick/ImageMagick/commit/a347456a1ef3b900c20402f9866992a17eb5d181 It does seem like that these 2 patches combined don't fix CVE-2016-3714 and I can't see anything that attempts to fix CVE-2016-3715 - CVE-2016-3718 either. -- Brian May <[email protected]>
