Add CVE-2021-22890/curl

author: Salvatore Bonaccorso <carnil@debian.org> 2021-03-31 08:20:45 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-03-31 08:20:45 +0200
commit: 543db6ff569a18465e5a90ad08ee98e04701d449 (patch)
tree: d089f6203695ebad5c08458a9edc8f3d6e4b0cf8
parent: 0057ea4b2ee32ba45f399078eff0688971d8e9c2 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 1ad44e9b89..7c525e9ff2 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -15049,8 +15049,11 @@ CVE-2021-22892
 	RESERVED
 CVE-2021-22891
 	RESERVED
-CVE-2021-22890
+CVE-2021-22890 [TLS 1.3 session ticket proxy host mixup]
 	RESERVED
+	- curl <unfixed>
+	NOTE: https://curl.se/docs/CVE-2021-22890.html
+	NOTE: Fixed by: https://github.com/curl/curl/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844
 CVE-2021-22889 (Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnera ...)
 	NOT-FOR-US: Revive Adserver
 CVE-2021-22888 (Revive Adserver before v5.2.0 is vulnerable to a reflected XSS vulnera ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-03-31 08:20:45 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-03-31 08:20:45 +0200
commit	543db6ff569a18465e5a90ad08ee98e04701d449 (patch)
tree	d089f6203695ebad5c08458a9edc8f3d6e4b0cf8
parent	0057ea4b2ee32ba45f399078eff0688971d8e9c2 (diff)