From 8bf68d538b68034c131ffbc3940ed92cb0da1328 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Fri, 18 Sep 2020 15:02:55 +0200
Subject: track gnupg issue not affecting Debian packages

---
 data/CVE/2020.list | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index df32d87e65..afffcb39d1 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,7 @@
+CVE-2020-XXXX [gpg: buffer overflow in import of key with AEAD preference]
+	- gnupg2 <not-affected> (Not affected version was ever uploaded to Debian)
+	NOTE: https://dev.gnupg.org/T5050
+	NOTE: https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000448.html
 CVE-2020-25764
 	RESERVED
 CVE-2020-25763
-- 
cgit v1.2.3