track gnupg issue not affecting Debian packages

author: Moritz Muehlenhoff <jmm@debian.org> 2020-09-18 15:02:55 +0200
committer: Moritz Muehlenhoff <jmm@debian.org> 2020-09-18 15:03:36 +0200
commit: 8bf68d538b68034c131ffbc3940ed92cb0da1328 (patch)
tree: 18d38e608ce04d58d812d664b6bc0711f8dd34cb
parent: ec3ed05fbc832c43595191f0215aaf189145a88c (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index df32d87e65..afffcb39d1 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,7 @@
+CVE-2020-XXXX [gpg: buffer overflow in import of key with AEAD preference]
+	- gnupg2 <not-affected> (Not affected version was ever uploaded to Debian)
+	NOTE: https://dev.gnupg.org/T5050
+	NOTE: https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000448.html
 CVE-2020-25764
 	RESERVED
 CVE-2020-25763
author	Moritz Muehlenhoff <jmm@debian.org>	2020-09-18 15:02:55 +0200
committer	Moritz Muehlenhoff <jmm@debian.org>	2020-09-18 15:03:36 +0200
commit	8bf68d538b68034c131ffbc3940ed92cb0da1328 (patch)
tree	18d38e608ce04d58d812d664b6bc0711f8dd34cb
parent	ec3ed05fbc832c43595191f0215aaf189145a88c (diff)