From 232b15941400e61ad555a9934bd580863d909975 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Tue, 28 Jan 2020 16:31:20 -0800
Subject: new open info leak

---
 active/CVE-2020-8428 | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 active/CVE-2020-8428

diff --git a/active/CVE-2020-8428 b/active/CVE-2020-8428
new file mode 100644
index 00000000..40a1c53c
--- /dev/null
+++ b/active/CVE-2020-8428
@@ -0,0 +1,13 @@
+Description: user-triggerable read-after-free crash or 1-bit infoleak oracle in open(2)
+References:
+ https://www.openwall.com/lists/oss-security/2020/01/28/2
+Notes:
+Bugs:
+upstream: released (5.5) [d0cb50185ae9]
+4.19-upstream-stable: needed
+4.9-upstream-stable: N/A "Introduced in 4.19 with 30aba6656f61"
+3.16-upstream-stable: N/A "Introduced in 4.19 with 30aba6656f61"
+sid: needed
+4.19-buster-security: needed
+4.9-stretch-security: N/A "Introduced in 4.19 with 30aba6656f61"
+3.16-jessie-security: N/A "Introduced in 4.19 with 30aba6656f61"
-- 
cgit v1.2.3