Add CVE-2020-28926/minidlna

author: Salvatore Bonaccorso <carnil@debian.org> 2020-11-30 21:24:11 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-11-30 21:24:11 +0100
commit: e82fd33dc06d35ba8c624b557675afbe9e17b956 (patch)
tree: 766816e3efcd575ceaebacf031f1a9b082d5631e
parent: 29de76087d29084e49d8be408c7b2ac57ad589ee (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 42fc553731..a0711073d8 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1020,7 +1020,9 @@ CVE-2020-28928 (In musl libc through 1.2.1, wcsnrtombs mishandles particular com
 CVE-2020-28927 (There is a Stored XSS in Magicpin v2.1 in the User Registration sectio ...)
 	NOT-FOR-US: Magicpin
 CVE-2020-28926 (ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code exe ...)
-	TODO: check
+	- minidlna <unfixed>
+	NOTE: https://www.rootshellsecurity.net/remote-heap-corruption-bug-discovery-minidlna/
+	NOTE: https://sourceforge.net/p/minidlna/git/ci/9fba41008adebc1da0f4f6c6e27ae422ace3fe4a (v1_3_0)
 CVE-2020-28925
 	RESERVED
 CVE-2020-28924 (An issue was discovered in Rclone before 1.53.3. Due to the use of a w ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2020-11-30 21:24:11 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-11-30 21:24:11 +0100
commit	e82fd33dc06d35ba8c624b557675afbe9e17b956 (patch)
tree	766816e3efcd575ceaebacf031f1a9b082d5631e
parent	29de76087d29084e49d8be408c7b2ac57ad589ee (diff)