From 9d75fd4c5f04ae7cff54fd10b7a6aa868738ab9d Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 7 Apr 2020 18:11:52 +0200
Subject: Add CVE-2020-1759/ceph

---
 data/CVE/list.2020 | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index 368e43c0ca..dd18c598fc 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -21110,8 +21110,13 @@ CVE-2020-1760 [header-splitting in RGW GetObject has a possible XSS]
 	NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/18eb4d918b27d362312c29a3bbd57a421897c0a5
 	NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/1bf14094fec34770d2cc74317f4238ccb2dfef98
 	NOTE: https://www.openwall.com/lists/oss-security/2020/04/07/1
-CVE-2020-1759
+CVE-2020-1759 [ceph: secure mode of msgr2 breaks both confidentiality and integrity aspects for long-lived sessions]
 	RESERVED
+	- ceph <unfixed>
+	NOTE: Introduced with: https://github.com/ceph/ceph-ci/commit/fe387e02b11df98357d8cdbfa3b1f1d5f2bb3f74
+	NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/84d2e215969cde830b086d11544aeb3666614211
+	NOTE: Fixed by: https://github.com/ceph/ceph-ci/commit/659ec7dc6e30fe961832f813da007f49e603a33d
+	NOTE: https://www.openwall.com/lists/oss-security/2020/04/07/2
 CVE-2020-1758
 	RESERVED
 CVE-2020-1757
-- 
cgit v1.2.3