From d3da8429be275fd185390db11440207a3d13c850 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 31 Mar 2021 22:38:54 +0200
Subject: Add CVE-2021-347{7,8}/openexr

---
 data/CVE/2021.list | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 14023deafc..3d231e9f2b 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -50,8 +50,14 @@ CVE-2021-3479 (There's a flaw in OpenEXR's Scanline API functionality in version
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/d80f11f4f55100d007ae80a162bf257ec291612c
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/830
 CVE-2021-3478 (There's a flaw in OpenEXR's scanline input file functionality in versi ...)
+	- openexr <unfixed>
+	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27409
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1939160
 	TODO: check
 CVE-2021-3477 (There's a flaw in OpenEXR's deep tile sample size calculations in vers ...)
+	- openexr <unfixed>
+	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26956
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1939159
 	TODO: check
 CVE-2021-29645
 	RESERVED
-- 
cgit v1.2.3