From 53d9a92cd83018b3f26446167b0ec919b3896a1f Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 16 Oct 2020 23:10:19 +0200
Subject: Expand note on fixing commit for CVE-2020-1235{1,2}

---
 active/CVE-2020-12351 | 4 ++++
 active/CVE-2020-12352 | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/active/CVE-2020-12351 b/active/CVE-2020-12351
index fb0ddbe5..8a547910 100644
--- a/active/CVE-2020-12351
+++ b/active/CVE-2020-12351
@@ -21,6 +21,10 @@ Notes:
  carnil> The "fixed version" information in INTEL-SA-00435 is thus as
  carnil> well contradictory as it mentions the issue to be fixed in 5.9
  carnil> or later.
+ carnil> CVE-2020-12351 is specifically referred to f19425641cb2
+ carnil> ("Bluetooth: L2CAP: Fix calling sk_filter on non-socket based
+ carnil> channel") and is backported to 5.9.1, 5.8.16, 4.19.152, 4.9.240
+ carnil> (and other stable versions).
 Bugs:
 upstream: pending [f19425641cb2572a33cb074d5e30283720bd4d22]
 4.19-upstream-stable: needed
diff --git a/active/CVE-2020-12352 b/active/CVE-2020-12352
index b3b0888c..624863cb 100644
--- a/active/CVE-2020-12352
+++ b/active/CVE-2020-12352
@@ -21,6 +21,10 @@ Notes:
  carnil> The "fixed version" information in INTEL-SA-00435 is thus as
  carnil> well contradictory as it mentions the issue to be fixed in 5.9
  carnil> or later.
+ carnil> CVE-2020-12352 is specifically referred to eddb7732119d
+ carnil> ("Bluetooth: A2MP: Fix not initializing all members") and is
+ carnil> backported to 5.9.1, 5.8.16, 4.19.152, 4.9.240 (and other
+ carnil> stable versions).
 Bugs:
 upstream: pending [eddb7732119d53400f48a02536a84c509692faa8]
 4.19-upstream-stable: needed
-- 
cgit v1.2.3