From 0f15485b3e212f0fc0d10db012840234faffeef0 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 25 Nov 2020 21:31:13 +0100
Subject: Add CVE-2020-26243/nanopb

---
 data/CVE/list | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/data/CVE/list b/data/CVE/list
index 004a0e0c17..71cad8eb27 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -9520,7 +9520,10 @@ CVE-2020-26245
 CVE-2020-26244
 	RESERVED
 CVE-2020-26243 (Nanopb is a small code-size Protocol Buffers implementation. In Nanopb ...)
-	TODO: check
+	- nanopb <unfixed>
+	NOTE: https://github.com/nanopb/nanopb/security/advisories/GHSA-85rr-4rh9-hhwh
+	NOTE: https://github.com/nanopb/nanopb/commit/edf6dcbffee4d614ac0c2c1b258ab95185bdb6e9 (0.4.4)
+	NOTE: https://github.com/nanopb/nanopb/issues/615
 CVE-2020-26242 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
 	TODO: check
 CVE-2020-26241 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
-- 
cgit v1.2.3