From df7ec95bffd8b12fb4260351adb4c229487e397a Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 29 Jan 2020 09:48:56 +0100
Subject: Track MariaDB as well for CVE-2020-2574

All MariaDB updates are actually very intransparent. Upstream apparently
consider CVE-2020-2574 as well various other MariaDB versions
(apparently but any other CVE from the Oracle CPU from January?) and
fixed in 5.5.67, 10.1.44, 10.2.31, 10.3.22 and 10.4.12.

Add tracking for src:mariadb-10.3 and src:mariadb-10.1 repsectively.
---
 data/CVE/2020.list | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index bf1fae8508..51e90d4994 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -11929,7 +11929,10 @@ CVE-2020-2575
 	RESERVED
 CVE-2020-2574 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #949994)
+	- mariadb-10.3 1:10.3.22-1
+	- mariadb-10.1 <removed>
 	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
+	NOTE: Fixed in MariaDB: 5.5.67, 10.1.44, 10.2.31, 10.3.22, 10.4.12
 CVE-2020-2573 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <unfixed> (bug #949994)
 	NOTE: https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
-- 
cgit v1.2.3