note mp3gain fixes

1 files changed, 2 insertions, 2 deletions

diff --git a/data/CVE/list b/data/CVE/list
index fff9c73fde..e4945d9c0a 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -83683,7 +83683,7 @@ CVE-2019-18361 (JetBrains IntelliJ IDEA before 2019.2 allows local user privileg
 CVE-2019-18360 (In JetBrains Hub versions earlier than 2019.1.11738, username enumerat ...)
 	NOT-FOR-US: JetBrains
 CVE-2019-18359 (A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3G ...)
-	- mp3gain <unfixed> (bug #973932)
+	- mp3gain 1.6.2-2 (bug #973932)
 	NOTE: SuSE fix: https://build.opensuse.org/package/view_file/openSUSE:Maintenance:12304/mp3gain.openSUSE_Leap_15.1_Update/0001-fix-security-bugs.patch?rev=0db47562b2545871d0be3fc88083e0cd
 	NOTE: Caught by ASAN according to CVE. mp3gain is compiled with ASAN on: amd64 i386 armel armhf powerpc
 CVE-2019-18358
@@ -162423,7 +162423,7 @@ CVE-2018-10778 (Read access violation in the III_dequantize_sample function in m
 	- mp3gain 1.6.2-1
 	[wheezy] - mp3gain <end-of-life> (Not supported in Wheezy)
 CVE-2018-10777 (Buffer overflow in the WriteMP3GainAPETag function in apetag.c in mp3g ...)
-	- mp3gain <unfixed> (bug #973932)
+	- mp3gain 1.6.2-2 (bug #973932)
 	[wheezy] - mp3gain <end-of-life> (Not supported in Wheezy)
 	NOTE: Fixed according to https://sourceforge.net/p/mp3gain/bugs/43/ but still causes crash with ASAN
 	NOTE: According to the CVE this is caught by FORTIFY_SOURCE, so no real vulnerability.