From dc77fe06c0f543ed6bfab3f6326c9bfc9a2a0e59 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 25 Jun 2020 09:24:59 +0200
Subject: Add CVE-2020-14305

---
 active/CVE-2020-14305 | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 active/CVE-2020-14305

diff --git a/active/CVE-2020-14305 b/active/CVE-2020-14305
new file mode 100644
index 00000000..2b20ba37
--- /dev/null
+++ b/active/CVE-2020-14305
@@ -0,0 +1,17 @@
+Description: netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1850716
+ https://patchwork.ozlabs.org/project/netfilter-devel/patch/c2385b5c-309c-cc64-2e10-a0ef62897502@virtuozzo.com/
+Notes:
+ carnil> In mainline the problem went away after commit 9f0f3ebeda47
+ carnil> ("netfilter: helpers: remove data_len usage
+for inkernel helpers") in 4.12-rc1.
+Bugs:
+upstream: released (4.12-rc1) [9f0f3ebeda47a5518817f33c40f6d3ea9c0275b8]
+4.19-upstream-stable: N/A "Fixed before branching point"
+4.9-upstream-stable: needed
+3.16-upstream-stable: needed
+sid: released (4.12.6-1)
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: needed
+3.16-jessie-security: needed
-- 
cgit v1.2.3