From 47994e7268c780497778e42a98347dfc6a0b1b07 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 15 Oct 2021 09:50:42 +0200
Subject: Add CVE-2021-3882/ledgersmb

---
 data/CVE/list | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index e44189211b..abfdb1d887 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -487,7 +487,9 @@ CVE-2021-42264
 CVE-2021-42263
 	RESERVED
 CVE-2021-3882 (LedgerSMB does not set the 'Secure' attribute on the session authoriza ...)
-	TODO: check
+	- ledgersmb <not-affected> (Vulnerable code introduced later)
+	NOTE: https://huntr.dev/bounties/7061d97a-98a5-495a-8ba0-3a4c66091e9d/
+	NOTE: https://ledgersmb.org/content/security-advisory-cve-2021-3882-non-secure-session-cookie
 CVE-2021-3881
 	RESERVED
 CVE-2021-3880
-- 
cgit v1.2.3