From 80b97cda401e085884712386d709fb7360c192ee Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 3 Dec 2021 13:44:51 +0100
Subject: Add CVE-2021-3657/isync

---
 data/CVE/2021.list | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 73ce361606..cf0ed29184 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -17489,8 +17489,10 @@ CVE-2021-37152 (Multiple XSS issues exist in Sonatype Nexus Repository Manager 3
 	NOT-FOR-US: Sonatype
 CVE-2021-37151 (CyberArk Identity 21.5.131, when handling an invalid authentication at ...)
 	NOT-FOR-US: CyberArk Identity
-CVE-2021-3657
+CVE-2021-3657 [multiple buffer overflows in isync/mbsync]
 	RESERVED
+	- isync <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2021/12/03/1
 CVE-2021-37159 (hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel throu ...)
 	{DLA-2785-1}
 	- linux 5.14.6-1
-- 
cgit v1.2.3