From f3345165a6f3433ded5a55416bcac3f2fb471d91 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 23 Apr 2020 22:34:19 +0200
Subject: Track CVE-2019-20788/libvncserver as different issue from
 CVE-2019-15690

There is a procedural issue here, as the CVE-2019-20788 is strongly
possible to be a duplicate of CVE-2019-15690. As CVE-2019-15690 was
tough assigned by the CVE-2019-15690 assigning CNA (Kaspersky) which did
not populate the entry, it cannot be said for sure that CVE-2019-15690
and CVE-2019-20788 do not exactly cover the same issue or a different
aspect of the issue.

Thee will be an update of the CVE entry adding ""NOTE: this may overlap
CVE-2019-15690" to CVE-2019-20788."
---
 data/next-oldstable-point-update.txt | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'data/next-oldstable-point-update.txt')

diff --git a/data/next-oldstable-point-update.txt b/data/next-oldstable-point-update.txt
index f55e2aab07..e6d568b2b0 100644
--- a/data/next-oldstable-point-update.txt
+++ b/data/next-oldstable-point-update.txt
@@ -70,6 +70,8 @@ CVE-2017-11747
 	[stretch] - tinyproxy 1.8.4-3~deb9u2
 CVE-2019-15690
 	[stretch] - libvncserver 0.9.11+dfsg-1.3~deb9u4
+CVE-2019-20788
+	[stretch] - libvncserver 0.9.11+dfsg-1.3~deb9u4
 CVE-2020-8518
 	[stretch] - php-horde-data 2.1.4-3+deb9u1
 CVE-2020-8866
-- 
cgit v1.2.3