Update status for CVE-2020-36131/aom

Both apps/aomenc.c in buster and bullseye do not seem to initialize as well the raw image object and have similar code. While the poc might not tirgger, try to play safe on this one on the maybe erring side.
author: Salvatore Bonaccorso <carnil@debian.org> 2021-12-04 10:35:22 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-12-04 10:35:22 +0100
commit: 2ddf1b3198a3f04cb30ada673459e5e0df93d6e9 (patch)
tree: 1af8e3c4c039282aacb778ece1623abb6ed01f10 /data
parent: 101f78cb50e569689e50f9eed9cbbae6c4b5bf39 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 9bc483db04..22f87f77f1 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1082,9 +1082,9 @@ CVE-2020-36132
 	RESERVED
 CVE-2020-36131 (AOM v2.0.1 was discovered to contain a stack buffer overflow via the c ...)
 	- aom 3.2.0-1
-	[bullseye] - aom <not-affected> (Vulnerable code introduced later)
-	[buster] - aom <not-affected> (Vulnerable code introduced later)
-	NOTE: https://aomedia.googlesource.com/aom/+/94bcbfe76b0fd5b8ac03645082dc23a88730c949 (v2.0.1)
+	[bullseye] - aom <no-dsa> (Minor issue)
+	[buster] - aom <no-dsa> (Minor issue)
+	NOTE: https://aomedia.googlesource.com/aom/+/94bcbfe76b0fd5b8ac03645082dc23a88730c949 (v2.1.0-rc1)
 	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2911&q=&can=1
 CVE-2020-36130 (AOM v2.0.1 was discovered to contain a NULL pointer dereference via th ...)
 	- aom 3.2.0-1
author	Salvatore Bonaccorso <carnil@debian.org>	2021-12-04 10:35:22 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-12-04 10:35:22 +0100
commit	2ddf1b3198a3f04cb30ada673459e5e0df93d6e9 (patch)
tree	1af8e3c4c039282aacb778ece1623abb6ed01f10 /data
parent	101f78cb50e569689e50f9eed9cbbae6c4b5bf39 (diff)