From f3345165a6f3433ded5a55416bcac3f2fb471d91 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 23 Apr 2020 22:34:19 +0200
Subject: Track CVE-2019-20788/libvncserver as different issue from
 CVE-2019-15690

There is a procedural issue here, as the CVE-2019-20788 is strongly
possible to be a duplicate of CVE-2019-15690. As CVE-2019-15690 was
tough assigned by the CVE-2019-15690 assigning CNA (Kaspersky) which did
not populate the entry, it cannot be said for sure that CVE-2019-15690
and CVE-2019-20788 do not exactly cover the same issue or a different
aspect of the issue.

Thee will be an update of the CVE entry adding ""NOTE: this may overlap
CVE-2019-15690" to CVE-2019-20788."
---
 data/next-point-update.txt | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'data/next-point-update.txt')

diff --git a/data/next-point-update.txt b/data/next-point-update.txt
index fc584b6b61..af2603853f 100644
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -69,6 +69,8 @@ CVE-2019-15522
 	[buster] - csync2 2.0-22-gce67c55-1+deb10u1
 CVE-2019-15690
 	[buster] - libvncserver 0.9.11+dfsg-1.3+deb10u3
+CVE-2019-20788
+	[buster] - libvncserver 0.9.11+dfsg-1.3+deb10u3
 CVE-2020-1712
 	[buster] - systemd 241-7~deb10u4
 CVE-2020-8518
-- 
cgit v1.2.3