From e82fd33dc06d35ba8c624b557675afbe9e17b956 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 30 Nov 2020 21:24:11 +0100
Subject: Add CVE-2020-28926/minidlna

---
 data/CVE/list | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/data/CVE/list b/data/CVE/list
index 42fc553731..a0711073d8 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1020,7 +1020,9 @@ CVE-2020-28928 (In musl libc through 1.2.1, wcsnrtombs mishandles particular com
 CVE-2020-28927 (There is a Stored XSS in Magicpin v2.1 in the User Registration sectio ...)
 	NOT-FOR-US: Magicpin
 CVE-2020-28926 (ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code exe ...)
-	TODO: check
+	- minidlna <unfixed>
+	NOTE: https://www.rootshellsecurity.net/remote-heap-corruption-bug-discovery-minidlna/
+	NOTE: https://sourceforge.net/p/minidlna/git/ci/9fba41008adebc1da0f4f6c6e27ae422ace3fe4a (v1_3_0)
 CVE-2020-28925
 	RESERVED
 CVE-2020-28924 (An issue was discovered in Rclone before 1.53.3. Due to the use of a w ...)
-- 
cgit v1.2.3