From 7e9942841968d5d1faa5c2d7549ee15a1addd3d9 Mon Sep 17 00:00:00 2001
From: Shengjing Zhu <zhsj@debian.org>
Date: Tue, 1 Dec 2020 12:13:42 +0800
Subject: Update CVE-2020-15257 and CVE-2020-15157 info

---
 data/CVE/list | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/data/CVE/list b/data/CVE/list
index cb38b1a12e..81af2596a6 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -33699,7 +33699,8 @@ CVE-2020-15258 (In Wire before 3.20.x, `shell.openExternal` was used without che
 	NOT-FOR-US: Wire app
 CVE-2020-15257
 	RESERVED
-	- containerd <unfixed>
+	- containerd 1.4.3~ds1-1
+	- docker.io <unfixed>
 	NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-36xw-fx78-c5r4
 	TODO: check details
 CVE-2020-15256 (A prototype pollution vulnerability has been found in `object-path` &l ...)
@@ -33953,7 +33954,7 @@ CVE-2020-15157 (In containerd (an industry-standard container runtime) before ve
 	NOTE: https://www.openwall.com/lists/oss-security/2020/10/15/1
 	NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-742w-89gc-8m9c
 	NOTE: https://github.com/containerd/containerd/commit/1ead8d9deb3b175bf40413b8c47b3d19c2262726 (v1.2.14)
-	NOTE: docker.io switched to systemwide containerd packages in 19.03.12+dfsg1-1
+	NOTE: docker.io switched to systemwide containerd packages in 20.10.0~rc1+dfsg2-1
 CVE-2020-15156 (In nodebb-plugin-blog-comments before version 0.7.0, a logged in user  ...)
 	NOT-FOR-US: nodebb-plugin-blog-comments
 CVE-2020-15155 (baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) v ...)
-- 
cgit v1.2.3