From 98b1a8b0d80674103bc72de11ef172fa34d07256 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 15 Oct 2021 09:50:42 +0200
Subject: Add CVE-2021-3882/ledgersmb

---
 data/CVE/2021.list | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index fe07c93bbf..233cb2e7d2 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -273,7 +273,9 @@ CVE-2021-42264
 CVE-2021-42263
 	RESERVED
 CVE-2021-3882 (LedgerSMB does not set the 'Secure' attribute on the session authoriza ...)
-	TODO: check
+	- ledgersmb <not-affected> (Vulnerable code introduced later)
+	NOTE: https://huntr.dev/bounties/7061d97a-98a5-495a-8ba0-3a4c66091e9d/
+	NOTE: https://ledgersmb.org/content/security-advisory-cve-2021-3882-non-secure-session-cookie
 CVE-2021-3881
 	RESERVED
 CVE-2021-3880
-- 
cgit v1.2.3