track gnupg issue not affecting Debian packages

author: Moritz Muehlenhoff <jmm@debian.org> 2020-09-18 15:02:55 +0200
committer: Moritz Muehlenhoff <jmm@debian.org> 2020-09-18 15:03:36 +0200
commit: d14bb27f3724c24c4a557da6a46ed413dc6d9fdb (patch)
tree: a2c23d49a14bc151602174b5d7a5d27d63f912a8
parent: cd65ddbebab92dae67a4fd0ee073ac1326fc78df (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index df32d87e65..afffcb39d1 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -1,3 +1,7 @@
+CVE-2020-XXXX [gpg: buffer overflow in import of key with AEAD preference]
+	- gnupg2 <not-affected> (Not affected version was ever uploaded to Debian)
+	NOTE: https://dev.gnupg.org/T5050
+	NOTE: https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000448.html
 CVE-2020-25764
 	RESERVED
 CVE-2020-25763
author	Moritz Muehlenhoff <jmm@debian.org>	2020-09-18 15:02:55 +0200
committer	Moritz Muehlenhoff <jmm@debian.org>	2020-09-18 15:03:36 +0200
commit	d14bb27f3724c24c4a557da6a46ed413dc6d9fdb (patch)
tree	a2c23d49a14bc151602174b5d7a5d27d63f912a8
parent	cd65ddbebab92dae67a4fd0ee073ac1326fc78df (diff)