From 47d2b3f9bea09f70d2c02b8cf5acbcd12078a5c2 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 30 Nov 2020 21:25:47 +0100
Subject: Add CVE-2020-12695/minidlna

---
 data/CVE/list | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/data/CVE/list b/data/CVE/list
index a0711073d8..c04ff54992 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -40615,10 +40615,12 @@ CVE-2020-12695 (The Open Connectivity Foundation UPnP specification before 2020-
 	[buster] - wpa <no-dsa> (Minor issue)
 	- gupnp 1.2.3-1
 	[buster] - gupnp 1.0.5-0+deb10u1
+	- minidlna <unfixed>
 	NOTE: https://w1.fi/security/2020-1/upnp-subscribe-misbehavior-wps-ap.txt
 	NOTE: https://w1.fi/security/2020-1/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
 	NOTE: https://w1.fi/security/2020-1/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
 	NOTE: https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
+	NOTE: https://sourceforge.net/p/minidlna/git/ci/06ee114731612462eb1eb1266f0431ccf59269d2 (v1_3_0)
 CVE-2020-12694
 	RESERVED
 CVE-2020-12693 (Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare c ...)
-- 
cgit v1.2.3