From d5e7751e33d74d0fec1c8bc0f870ba3a47acf02d Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 23 Sep 2020 22:39:14 +0200
Subject: Add CVE-2020-11031/glpi

---
 data/CVE/2020.list | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index ac8095a671..63cae552ac 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -32392,7 +32392,10 @@ CVE-2020-11032 (In GLPI before version 9.4.6, there is a SQL injection vulnerabi
 	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-344w-34h9-wwhh
 	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2020-11031 (In GLPI before version 9.5.0, the encryption algorithm used is insecur ...)
-	TODO: check
+	- glpi <removed> (unimportant)
+	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-7xwm-4vjr-jvqh
+	NOTE: https://github.com/glpi-project/glpi/commit/f1ae6c8481e5c19a6f1801a5548cada45702e01a#diff-b5d0ee8c97c7abd7e3fa29b9a27d1780
+	NOTE: Only supported behind an authenticated HTTP zone
 CVE-2020-11030 (In affected versions of WordPress, a special payload can be crafted th ...)
 	- wordpress 5.4.1+dfsg1-1 (bug #959391)
 	[buster] - wordpress <not-affected> (Vulnerable code not present)
-- 
cgit v1.2.3