From aa844e5f946810af24b84650303f9d8795f08454 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 20 Oct 2020 07:20:38 +0200
Subject: Add CVE-2020-25648/nss

---
 data/CVE/list | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/data/CVE/list b/data/CVE/list
index b83cc2d530..771d677b39 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3588,8 +3588,12 @@ CVE-2020-25649
 	- jackson-databind 2.11.1-1
 	NOTE: https://github.com/FasterXML/jackson-databind/issues/2589
 	NOTE: https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59 (jackson-databind-2.11.0.rc1)
-CVE-2020-25648
+CVE-2020-25648 [Tighten CCS handling for middlebox compatibility mode]
 	RESERVED
+	- nss <unfixed>
+	NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes
+	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1641480 (private)
+	NOTE: Fixed by: https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361
 CVE-2020-25647
 	RESERVED
 CVE-2020-25646
-- 
cgit v1.2.3