From 97e4775fafb0c0a1db168f30603085d7253222b9 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 4 Jan 2022 13:30:56 +0100
Subject: Add three new python-django CVEs

---
 data/CVE/2021.list | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index d389b6bbb0..f1a164712b 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1664,8 +1664,10 @@ CVE-2021-45454
 	RESERVED
 CVE-2021-45453
 	RESERVED
-CVE-2021-45452
+CVE-2021-45452 [Potential directory-traversal via Storage.save()]
 	RESERVED
+	- python-django <unfixed> (bug #1003113)
+	NOTE: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
 CVE-2021-4150 [Block subsystem mishandles reference counts]
 	RESERVED
 	- linux 5.15.3-1
@@ -2432,10 +2434,14 @@ CVE-2021-45118
 	RESERVED
 CVE-2021-45117
 	RESERVED
-CVE-2021-45116
+CVE-2021-45116 [Potential information disclosure in dictsort template filter]
 	RESERVED
-CVE-2021-45115
+	- python-django <unfixed> (bug #1003113)
+	NOTE: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
+CVE-2021-45115 [Denial-of-service possibility in UserAttributeSimilarityValidator]
 	RESERVED
+	- python-django <unfixed> (bug #1003113)
+	NOTE: https://www.djangoproject.com/weblog/2022/jan/04/security-releases/
 CVE-2021-45106
 	RESERVED
 CVE-2021-44463
-- 
cgit v1.2.3