Add CVE-2020-25648/nss

author: Salvatore Bonaccorso <carnil@debian.org> 2020-10-20 07:20:38 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-10-20 07:23:57 +0200
commit: dc79ab546b9420359ec4437738af6857876dc072 (patch)
tree: adfcf772069950182d6e3f2b2b34791d1c8eaa28
parent: d383e0bc834012fa5b7fd495485ec479a3b28371 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index aa2b5a9ad4..0165da458d 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -3545,8 +3545,12 @@ CVE-2020-25649
 	- jackson-databind 2.11.1-1
 	NOTE: https://github.com/FasterXML/jackson-databind/issues/2589
 	NOTE: https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59 (jackson-databind-2.11.0.rc1)
-CVE-2020-25648
+CVE-2020-25648 [Tighten CCS handling for middlebox compatibility mode]
 	RESERVED
+	- nss <unfixed>
+	NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes
+	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1641480 (private)
+	NOTE: Fixed by: https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361
 CVE-2020-25647
 	RESERVED
 CVE-2020-25646
author	Salvatore Bonaccorso <carnil@debian.org>	2020-10-20 07:20:38 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-10-20 07:23:57 +0200
commit	dc79ab546b9420359ec4437738af6857876dc072 (patch)
tree	adfcf772069950182d6e3f2b2b34791d1c8eaa28
parent	d383e0bc834012fa5b7fd495485ec479a3b28371 (diff)