From 4d34a414cc13fc539fe2c2de1836842253f8ca07 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 20 Jan 2021 09:25:59 +0100
Subject: Add CVE-2020-11997

---
 data/CVE/list | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/data/CVE/list b/data/CVE/list
index 929b702523..b4579691d3 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -59525,7 +59525,9 @@ CVE-2020-11998 (A regression has been introduced in the commit preventing JMX re
 	- activemq <not-affected> (Only affects 5.15.12)
 	NOTE: http://activemq.apache.org/security-advisories.data/CVE-2020-11998-announcement.txt
 CVE-2020-11997 (Apache Guacamole 1.2.0 and earlier do not consistently restrict access ...)
-	TODO: check
+	- guacamole-server 1.3.0-1
+	NOTE: https://lists.apache.org/thread.html/r1a9ae9d1608c9f846875c4191cd738f95543d1be06b52dc1320e8117%40%3Cannounce.guacamole.apache.org%3E
+	TODO: check details, both guacamole-client and guacamole-server affected?
 CVE-2020-11996 (A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat  ...)
 	{DSA-4727-1 DLA-2279-1}
 	- tomcat9 9.0.36-1
-- 
cgit v1.2.3