From e9def7c55afcf039889bd06a2c0b657a72b8e888 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 14 Oct 2020 12:02:33 +0200
Subject: Update information on CVE-2020-1235{1,2} and CVE-2020-24490

---
 active/CVE-2020-12351 | 4 +++-
 active/CVE-2020-12352 | 4 +++-
 active/CVE-2020-24490 | 4 +++-
 3 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/active/CVE-2020-12351 b/active/CVE-2020-12351
index 5deee40d..652b263e 100644
--- a/active/CVE-2020-12351
+++ b/active/CVE-2020-12351
@@ -14,7 +14,9 @@ Notes:
  carnil> which are not yet in mainline, and
  carnil> a2ec905d1e16 ("Bluetooth: fix kernel oops in
  carnil> store_pending_adv_report") which is in 5.8 (and which was
- carnil> backported to 5.7.13, 5.4.56 and 4.19.137).
+ carnil> backported to 5.7.13, 5.4.56 and 4.19.137). This commit fixes
+ carnil> c215e9397b00 ("Bluetooth: Process extended ADV report event")
+ carnil> which is in 4.19-rc1 but not backported to other stable series.
  carnil> The "fixed version" information in INTEL-SA-00435 is thus as
  carnil> well contradictory as it mentions the issue to be fixed in 5.9
  carnil> or later.
diff --git a/active/CVE-2020-12352 b/active/CVE-2020-12352
index 5deee40d..652b263e 100644
--- a/active/CVE-2020-12352
+++ b/active/CVE-2020-12352
@@ -14,7 +14,9 @@ Notes:
  carnil> which are not yet in mainline, and
  carnil> a2ec905d1e16 ("Bluetooth: fix kernel oops in
  carnil> store_pending_adv_report") which is in 5.8 (and which was
- carnil> backported to 5.7.13, 5.4.56 and 4.19.137).
+ carnil> backported to 5.7.13, 5.4.56 and 4.19.137). This commit fixes
+ carnil> c215e9397b00 ("Bluetooth: Process extended ADV report event")
+ carnil> which is in 4.19-rc1 but not backported to other stable series.
  carnil> The "fixed version" information in INTEL-SA-00435 is thus as
  carnil> well contradictory as it mentions the issue to be fixed in 5.9
  carnil> or later.
diff --git a/active/CVE-2020-24490 b/active/CVE-2020-24490
index 5deee40d..652b263e 100644
--- a/active/CVE-2020-24490
+++ b/active/CVE-2020-24490
@@ -14,7 +14,9 @@ Notes:
  carnil> which are not yet in mainline, and
  carnil> a2ec905d1e16 ("Bluetooth: fix kernel oops in
  carnil> store_pending_adv_report") which is in 5.8 (and which was
- carnil> backported to 5.7.13, 5.4.56 and 4.19.137).
+ carnil> backported to 5.7.13, 5.4.56 and 4.19.137). This commit fixes
+ carnil> c215e9397b00 ("Bluetooth: Process extended ADV report event")
+ carnil> which is in 4.19-rc1 but not backported to other stable series.
  carnil> The "fixed version" information in INTEL-SA-00435 is thus as
  carnil> well contradictory as it mentions the issue to be fixed in 5.9
  carnil> or later.
-- 
cgit v1.2.3