From 87fad161e38ba2b1964503e6cba5b17ea314311a Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 1 Nov 2021 21:08:47 +0100
Subject: Update trackng for CVE-2011-412{4,5,6}

---
 data/CVE/2011.list | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index 4747a73489..ec117e233f 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -2787,14 +2787,20 @@ CVE-2011-4127 (The Linux kernel before 3.2.2 does not properly restrict SG_IO io
 	- libguestfs 1:1.14.8-1
 	- linux-2.6 <removed>
 CVE-2011-4126 (Race condition issues were found in Calibre at devices/linux_mount_hel ...)
-	- calibre 0.6.54+dfsg-1 (bug #584915)
-	NOTE: Vulnerable code removed upstream at version 1.10, removed by Debian packaging prior to that.
+	- calibre 1.5.0+dfsg-1 (bug #584915)
+	NOTE: Vulnerable code removed upstream at version 1.4.0
+	NOTE: https://github.com/kovidgoyal/calibre/commit/7d54d25844efebfb3d6de2bb2b9af77dbf72d8b8 (v1.4.0)
+	NOTE: Removed by Debian packaging in 0.6.54+dfsg-1.
 CVE-2011-4125 (A untrusted search path issue was found in Calibre at devices/linux_mo ...)
-	- calibre 0.6.54+dfsg-1 (bug #584915)
-	NOTE: Vulnerable code removed upstream at version 1.10, removed by Debian packaging prior to that.
+	- calibre 1.5.0+dfsg-1 (bug #584915)
+	NOTE: Vulnerable code removed upstream at version 1.4.0
+	NOTE: https://github.com/kovidgoyal/calibre/commit/7d54d25844efebfb3d6de2bb2b9af77dbf72d8b8 (v1.4.0)
+	NOTE: Removed by Debian packaging in 0.6.54+dfsg-1.
 CVE-2011-4124 (Input validation issues were found in Calibre at devices/linux_mount_h ...)
-	- calibre 0.6.54+dfsg-1 (bug #584915)
-	NOTE: Vulnerable code removed upstream at version 1.10, removed by Debian packaging prior to that.
+	- calibre 1.5.0+dfsg-1 (bug #584915)
+	NOTE: Vulnerable code removed upstream at version 1.4.0
+	NOTE: https://github.com/kovidgoyal/calibre/commit/7d54d25844efebfb3d6de2bb2b9af77dbf72d8b8 (v1.4.0)
+	NOTE: Removed by Debian packaging in 0.6.54+dfsg-1.
 CVE-2011-4123
 	REJECTED
 CVE-2011-4122 (Directory traversal vulnerability in openpam_configure.c in OpenPAM be ...)
-- 
cgit v1.2.3