From 80d438fa5125bf5d982968865bce5ae9f93dab75 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 8 Feb 2021 21:54:01 +0100
Subject: Update information for CVE-2019-10069/godot

---
 data/CVE/2019.list | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'data/CVE/2019.list')

diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 346458f240..8d83d016be 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -28768,7 +28768,10 @@ CVE-2019-10071 (The code which checks HMAC in form submissions used String.equal
 CVE-2019-10070 (Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored  ...)
 	NOT-FOR-US: Apache Atlas
 CVE-2019-10069 (In Godot through 3.1, remote code execution is possible due to the des ...)
-	NOT-FOR-US: Godot
+	- godot 3.2-stable-1
+	NOTE: https://github.com/godotengine/godot/pull/27398
+	NOTE: https://github.com/godotengine/godot/commit/e3bd84fa571661d76fc8458d65bb053988e934a6 (3.2-stable)
+	NOTE: For 3.0: https://github.com/godotengine/godot/commit/0c4881f1dbfe4feab879b4f0fe031b735ddc1f9f
 CVE-2019-10068 (An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x befor ...)
 	NOT-FOR-US: Kentico
 CVE-2019-10067 (An issue was discovered in Open Ticket Request System (OTRS) 7.x throu ...)
-- 
cgit v1.2.3