From 00fcc0c6ca858b0010f1709f22cd2e5ac825a10b Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 16 Feb 2020 08:27:56 +0100
Subject: Add TODO item for CVE-2013-4448

---
 data/CVE/list.2013 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/CVE/list.2013 b/data/CVE/list.2013
index ab1cefa4e1..458c97a78c 100644
--- a/data/CVE/list.2013
+++ b/data/CVE/list.2013
@@ -7884,7 +7884,7 @@ CVE-2013-4449 (The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not
 	NOTE: http://www.openldap.org/its/index.cgi/Incoming?id=7723
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1019490
 CVE-2013-4448 (echoping through 6.0.2 has buffer overflow vulnerabilities ...)
-	TODO: check
+	TODO: contacted MITRE, should be rejected, cf. https://www.openwall.com/lists/oss-security/2013/10/21/9
 CVE-2013-4447 (Cross-site scripting (XSS) vulnerability in the API in the Simplenews  ...)
 	NOT-FOR-US: Simplenews Drupal contributed module
 CVE-2013-4446 (The _json_decode function in plugins/context_reaction_block.inc in the ...)
-- 
cgit v1.2.3