From ee559d81b5368d48392366d62d97cee337b49d60 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Roberto=20C=2E=20S=C3=A1nchez?= <roberto@debian.org>
Date: Thu, 24 Mar 2022 09:55:30 -0400
Subject: CVE-2020-22678/gpac, update notes

---
 data/CVE/list | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/data/CVE/list b/data/CVE/list
index 57b3b0a00c..fc1db79743 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -111833,6 +111833,8 @@ CVE-2020-22678 (An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_
 	[buster] - gpac <ignored> (Minor issue)
 	NOTE: https://github.com/gpac/gpac/issues/1339
 	NOTE: https://github.com/gpac/gpac/commit/7644478ecfa25fd9505ee11ef12deb475cd97025
+	NOTE: https://github.com/gpac/gpac/commit/524e2bbdb294d5aa4c84bf83db4d328a588b55f7
+	NOTE: Commit 7644478ecf depends on part of 524e2bbdb2 (specifically, the second hunk of the change to src/isomedia/avc_ext.c)
 CVE-2020-22677 (An issue was discovered in gpac 0.8.0. The dump_data_hex function in b ...)
 	- gpac 1.0.1+dfsg1-2
 	[buster] - gpac <ignored> (Minor issue)
-- 
cgit v1.2.3