From 181a966ceba9e663659532072ab482994dbed543 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 2 Jan 2022 15:19:41 +0100
Subject: Add Debian bug reference for ruby3.0 issues

---
 data/CVE/2021.list | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 6621fc4c96..e52a30a678 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -10274,7 +10274,7 @@ CVE-2021-41820
 	RESERVED
 CVE-2021-41819 (CGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes i ...)
 	{DLA-2853-1}
-	- ruby3.0 <unfixed>
+	- ruby3.0 <unfixed> (bug #1002995)
 	- ruby2.7 2.7.5-1
 	- ruby2.5 <removed>
 	- ruby2.3 <removed>
@@ -10285,7 +10285,7 @@ CVE-2021-41818
 	RESERVED
 CVE-2021-41817 (Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regula ...)
 	{DLA-2853-1}
-	- ruby3.0 <unfixed>
+	- ruby3.0 <unfixed> (bug #1002995)
 	- ruby2.7 2.7.5-1
 	- ruby2.5 <removed>
 	- ruby2.3 <removed>
@@ -10297,7 +10297,7 @@ CVE-2021-41817 (Date.parse in the date gem through 3.2.0 for Ruby allows ReDoS (
 	NOTE: https://github.com/ruby/date/commit/376c65942bd1d81803f14d37351737df60ec4664 (v3.2.2)
 CVE-2021-41816 [Buffer Overrun in CGI.escape_html]
 	RESERVED
-	- ruby3.0 <unfixed>
+	- ruby3.0 <unfixed> (bug #1002995)
 	- ruby2.7 2.7.5-1
 	- ruby2.5 <not-affected> (Vulnerable code introduced later)
 	- ruby2.3 <not-affected> (Vulnerable code introduced later)
-- 
cgit v1.2.3