From 10945ebfe6838a04a20ceb24cbf13b6cd5abbbbb Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 14 Apr 2021 10:16:25 +0200
Subject: Add CVE-2020-36322 and add note for CVE-2021-28950

---
 active/CVE-2020-36322 | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 active/CVE-2020-36322

(limited to 'active/CVE-2020-36322')

diff --git a/active/CVE-2020-36322 b/active/CVE-2020-36322
new file mode 100644
index 000000000..d84506352
--- /dev/null
+++ b/active/CVE-2020-36322
@@ -0,0 +1,13 @@
+Description: fuse: fix bad inode
+References:
+Notes:
+ carnil> Note that this CVE relates as well to CVE-2021-28950, which is
+ carnil> assigned because of an initial incomplete fix for this CVE.
+Bugs:
+upstream: released (5.11-rc1) [5d069dbe8aaf2a197142558b6fb2978189ba3454]
+5.10-upstream-stable: released (5.10.6) [36cf9ae54b0ead0daab7701a994de3dcd9ef605d]
+4.19-upstream-stable:
+4.9-upstream-stable:
+sid: released (5.10.9-1)
+4.19-buster-security:
+4.9-stretch-security:
-- 
cgit v1.2.3