CVE-2019-20892/net-snmp: reference breaking commit range

as discussed at #963713
author: Sylvain Beucler <beuc@beuc.net> 2020-07-08 12:56:49 +0200
committer: Sylvain Beucler <beuc@beuc.net> 2020-07-08 12:56:55 +0200
commit: c9703abe6c7062fc2b469f707813da5d1ae32d89 (patch)
tree: 30bcd2c8dc35d85f4d721d429ed2dc42513a453f
parent: c13e6defb7836c65a783c11d36650ff2d5170cd9 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019
index 7ebef0f16e..ac3aec48ba 100644
--- a/data/CVE/list.2019
+++ b/data/CVE/list.2019
@@ -38,7 +38,7 @@ CVE-2019-20892 (net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStat
 	NOTE: https://github.com/net-snmp/net-snmp/commit/87bd90d04f20dd3f73e3e7e631a442ccd419b9d3
 	NOTE: Extra patches to address memory leaks:
 	NOTE: https://salsa.debian.org/debian/net-snmp/-/merge_requests/3
-	TODO: It is claimed that the issue does not affect older versions than 5.8, but no source evidence has been yet shown
+	NOTE: Introduced in https://github.com/net-snmp/net-snmp/compare/1a0dbe19bf2787bb5bea913f210a9a5eb4c0c80c...e207b8113260fd7d84df0ebdb66925ab70da29b2 (5.8-dev)
 CVE-2019-20891 (WooCommerce before 3.6.5, when it handles CSV imports of products, has ...)
 	NOT-FOR-US: WooCommerce
 CVE-2019-20890 (An issue was discovered in Mattermost Server before 5.7. It allows a b ...)
author	Sylvain Beucler <beuc@beuc.net>	2020-07-08 12:56:49 +0200
committer	Sylvain Beucler <beuc@beuc.net>	2020-07-08 12:56:55 +0200
commit	c9703abe6c7062fc2b469f707813da5d1ae32d89 (patch)
tree	30bcd2c8dc35d85f4d721d429ed2dc42513a453f
parent	c13e6defb7836c65a783c11d36650ff2d5170cd9 (diff)