From 1f338f96a11a1f51ca958cf4352f5e64909c074f Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 16 Apr 2024 21:30:28 +0200
Subject: Reference upstream commit for CVE-2024-3651/python-idna

---
 data/CVE/list | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/CVE/list b/data/CVE/list
index a9ccbb6e5e..de17a23eb0 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -629,6 +629,7 @@ CVE-2024-3651 [potential DoS via resource consumption via specially crafted inpu
 	- python-idna <unfixed>
 	NOTE: https://github.com/kjd/idna/security/advisories/GHSA-jjg7-2v4v-x38h
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2274779
+	NOTE: Fixed by: https://github.com/kjd/idna/commit/5beb28b9dd77912c0dd656d8b0fdba3eb80222e7 (v3.7)
 CVE-2024-24863 (In malidp_mw_connector_reset, new memory is allocated with kzalloc, bu ...)
 	TODO: check
 CVE-2024-24862 (In function pci1xxxx_spi_probe, there is a potential null pointer that ...)
-- 
cgit v1.2.3