Update status for CVE-2020-36134/aom

author: Salvatore Bonaccorso <carnil@debian.org> 2021-12-04 10:50:26 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-12-04 10:50:26 +0100
commit: 3d78b83ff3a47aff833c936e3a9fc05b49aa6454 (patch)
tree: d1a44d5b254ed84f35ad404ba30fdcc538966ae2 /data
parent: ee520d64dac1e7b13b8eadcb5073772a826a8305 (diff)
1 files changed, 3 insertions, 4 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 2ec90139d4..dab9540eff 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1066,12 +1066,11 @@ CVE-2020-36135 (AOM v2.0.1 was discovered to contain a NULL pointer dereference
 	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2911
 	NOTE: https://aomedia.googlesource.com/aom/+/94bcbfe76b0fd5b8ac03645082dc23a88730c949 (v2.0.1)
 CVE-2020-36134 (AOM v2.0.1 was discovered to contain a segmentation violation via the  ...)
-	- aom 3.2.0-1
-	[bullseye] - aom <not-affected> (Vulnerable code introduced later)
-	[buster] - aom <not-affected> (Vulnerable code introduced later)
+	- aom <not-affected> (Vulnerable code never in a Debian released version)
 	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2914
 	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2940
-	NOTE: https://aomedia.googlesource.com/aom/+/5a1b33b710050b69557d26cf53d4943325481beb (v2.0.1)
+	NOTE: Introduced by: https://aomedia.googlesource.com/aom/+/4567c355bf55a7430819e9d30df259bcb83cfe0d (v2.1.0-rc1)
+	NOTE: Fixed by: https://aomedia.googlesource.com/aom/+/5a1b33b710050b69557d26cf53d4943325481beb (v2.1.0-rc1)
 CVE-2020-36133 (AOM v2.0.1 was discovered to contain a global buffer overflow via the  ...)
 	- aom 3.2.0-1
 	[bullseye] - aom <no-dsa> (Minor issue)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-12-04 10:50:26 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-12-04 10:50:26 +0100
commit	3d78b83ff3a47aff833c936e3a9fc05b49aa6454 (patch)
tree	d1a44d5b254ed84f35ad404ba30fdcc538966ae2 /data
parent	ee520d64dac1e7b13b8eadcb5073772a826a8305 (diff)