Add CVE-2021-20296/openexr

author: Salvatore Bonaccorso <carnil@debian.org> 2021-03-31 09:09:22 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-03-31 09:09:22 +0200
commit: 72f1cd656fe0bd161d0c58da16caeefce9a2bb87 (patch)
tree: 1a359ba38ea003dbec50ec53ecd65ace1b3b0905
parent: 83e72a90a04f5439fedcb486e3622d9cdecec244 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 773dadc1f9..9bf931146e 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -20623,6 +20623,9 @@ CVE-2021-20297 [Setting match.path and activating a profiles crashes NetworkMana
 	NOTE: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/420784e342da4883f6debdfe10cde68507b10d27
 CVE-2021-20296
 	RESERVED
+	- openexr <unfixed>
+	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24854
+	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/b0c63c0b96eb9b0d3998f603e12f9f414fb0d44a
 CVE-2021-20295 [Regression of CVE-2020-10756 fix in virt:rhel/qemu-kvm in Red Hat Enterprise Linux 8.3]
 	RESERVED
 	- qemu <not-affected> (RHEL 8.3 specific security regression)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-03-31 09:09:22 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-03-31 09:09:22 +0200
commit	72f1cd656fe0bd161d0c58da16caeefce9a2bb87 (patch)
tree	1a359ba38ea003dbec50ec53ecd65ace1b3b0905
parent	83e72a90a04f5439fedcb486e3622d9cdecec244 (diff)