From 72f1cd656fe0bd161d0c58da16caeefce9a2bb87 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 31 Mar 2021 09:09:22 +0200
Subject: Add CVE-2021-20296/openexr

---
 data/CVE/2021.list | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 773dadc1f9..9bf931146e 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -20623,6 +20623,9 @@ CVE-2021-20297 [Setting match.path and activating a profiles crashes NetworkMana
 	NOTE: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/420784e342da4883f6debdfe10cde68507b10d27
 CVE-2021-20296
 	RESERVED
+	- openexr <unfixed>
+	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24854
+	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/b0c63c0b96eb9b0d3998f603e12f9f414fb0d44a
 CVE-2021-20295 [Regression of CVE-2020-10756 fix in virt:rhel/qemu-kvm in Red Hat Enterprise Linux 8.3]
 	RESERVED
 	- qemu <not-affected> (RHEL 8.3 specific security regression)
-- 
cgit v1.2.3