Add CVE-2019-20433/aspell

author: Salvatore Bonaccorso <carnil@debian.org> 2020-01-27 21:31:17 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-01-27 21:33:12 +0100
commit: aa2ac03c5e8a69075e674f5237c61a85dc1f7d8c (patch)
tree: a96c313df39ee4523fecb9f516c191d7d8e5a75e /data
parent: 2eccf5fc472cd7948c8eea3879681087bd911422 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 49f756c1aa..c772978635 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -165,7 +165,10 @@ CVE-2020-8005
 CVE-2020-8004
 	RESERVED
 CVE-2019-20433 (libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a s ...)
-	TODO: check
+	- aspell 0.60.7-3 (bug #935128)
+	NOTE: http://aspell.net/buffer-overread-ucs.txt
+	NOTE: Fixed by: https://github.com/GNUAspell/aspell/commit/de29341638833ba7717bd6b5e6850998454b044b
+	NOTE: Recommended additionally: https://github.com/GNUAspell/aspell/commit/cefd447e5528b08bb0cd6656bc52b4255692cefc
 CVE-2020-8003 (A double-free vulnerability in vrend_renderer.c in virglrenderer throu ...)
 	- virglrenderer <unfixed> (bug #949954)
 	NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/commit/522b610a826f6de58c560cbb38fa8dfc65ae3c42
author	Salvatore Bonaccorso <carnil@debian.org>	2020-01-27 21:31:17 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-01-27 21:33:12 +0100
commit	aa2ac03c5e8a69075e674f5237c61a85dc1f7d8c (patch)
tree	a96c313df39ee4523fecb9f516c191d7d8e5a75e /data
parent	2eccf5fc472cd7948c8eea3879681087bd911422 (diff)