From 7cad12340590d87b055878a1401d66689149c763 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 15 Feb 2020 11:35:18 +0100
Subject: Add reference to upstream fix for CVE-2020-8632/cloud-init

---
 data/CVE/list | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/CVE/list b/data/CVE/list
index cb239c19ee..00ab5ab9be 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -790,6 +790,7 @@ CVE-2020-8632 (In cloud-init through 19.4, rand_user_password in cloudinit/confi
 	[stretch] - cloud-init <no-dsa> (Minor issue)
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795
 	NOTE: https://github.com/canonical/cloud-init/pull/189
+	NOTE: https://github.com/canonical/cloud-init/commit/42788bf24a1a0a5421a2d00a7f59b59e38ba1a14
 CVE-2020-8631 (cloud-init through 19.4 relies on Mersenne Twister for a random passwo ...)
 	- cloud-init <unfixed>
 	[buster] - cloud-init <no-dsa> (Minor issue)
-- 
cgit v1.2.3