Track two issues in geckodriver, itp'ed

author: Salvatore Bonaccorso <carnil@debian.org> 2022-02-22 07:29:28 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-02-22 07:29:28 +0100
commit: 1203708441c2d712e738512f70a8d44961e09e42 (patch)
tree: 83c86948d4a332d3a9dd7b8f6224e10ee62bd6ab
parent: f447a1336998f2f7974eeb3a8887669720239eed (diff)
2 files changed, 2 insertions, 1 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index b906363eec..654068a6d0 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -35292,7 +35292,7 @@ CVE-2020-15661 (A rogue webpage could override the injected WKUserScript used by
 	- firefox <not-affected> (Specific to Firefox for iOS)
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-34/#CVE-2020-15661
 CVE-2020-15660 (Missing checks on Content-Type headers in geckodriver before 0.27.0 co ...)
-	NOT-FOR-US: geckodriver
+	- geckodriver <itp> (bug #989456)
 CVE-2020-15659 (Mozilla developers and community members reported memory safety bugs p ...)
 	{DSA-4740-1 DSA-4736-1 DLA-2310-1 DLA-2297-1}
 	- firefox 79.0-1
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 98f2a707c6..13bc719b4d 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -3788,6 +3788,7 @@ CVE-2021-4139 (pimcore is vulnerable to Improper Neutralization of Input During
 	NOT-FOR-US: Pimcore
 CVE-2021-4138
 	RESERVED
+	- geckodriver <itp> (bug #989456)
 CVE-2021-45233
 	RESERVED
 CVE-2021-45232 (In Apache APISIX Dashboard before 2.10.1, the Manager API uses two fra ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2022-02-22 07:29:28 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-02-22 07:29:28 +0100
commit	1203708441c2d712e738512f70a8d44961e09e42 (patch)
tree	83c86948d4a332d3a9dd7b8f6224e10ee62bd6ab
parent	f447a1336998f2f7974eeb3a8887669720239eed (diff)