From c42525a75d057cf1e5d3fc6963e6bdac66c42446 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 7 Apr 2020 14:58:21 +0200
Subject: Add references to fixing commits in various branches for
 CVE-2019-18348

---
 data/CVE/list.2019 | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/data/CVE/list.2019 b/data/CVE/list.2019
index 7bbc610774..550af309ad 100644
--- a/data/CVE/list.2019
+++ b/data/CVE/list.2019
@@ -5989,6 +5989,10 @@ CVE-2019-18348 (An issue was discovered in urllib2 in Python 2.x through 2.7.17
 	- python3.5 <removed> (unimportant)
 	- python3.4 <removed> (unimportant)
 	- python2.7 2.7.18~rc1-1 (unimportant)
+	NOTE: https://github.com/python/cpython/commit/9165addc22d05e776a54319a8531ebd0b2fe01ef (master)
+	NOTE: https://github.com/python/cpython/commit/ff69c9d12c1b06af58e5eae5db4630cedd94740e (3.8 branch)
+	NOTE: https://github.com/python/cpython/commit/34f85af3229f86c004a954c3f261ceea1f5e9f95 (3.7 branch)
+	NOTE: https://github.com/python/cpython/commit/e176e0c105786e9f476758eb5438c57223b65e7f (v2.7.18rc1)
 	NOTE: https://bugs.python.org/issue38576
 	NOTE: Issue only exploitable if CVE-2016-10739 is unfixed in src:glibc. This is
 	NOTE: not the case in all suites, but the issue is minor in general and would
-- 
cgit v1.2.3