From 0a0d3b0a92e3f8bd49b0f56f0df381a46d7ca762 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 15 Oct 2021 09:50:42 +0200
Subject: Add CVE-2021-3882/ledgersmb

---
 data/CVE/list.2021 | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index fe07c93bbf..233cb2e7d2 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -273,7 +273,9 @@ CVE-2021-42264
 CVE-2021-42263
 	RESERVED
 CVE-2021-3882 (LedgerSMB does not set the 'Secure' attribute on the session authoriza ...)
-	TODO: check
+	- ledgersmb <not-affected> (Vulnerable code introduced later)
+	NOTE: https://huntr.dev/bounties/7061d97a-98a5-495a-8ba0-3a4c66091e9d/
+	NOTE: https://ledgersmb.org/content/security-advisory-cve-2021-3882-non-secure-session-cookie
 CVE-2021-3881
 	RESERVED
 CVE-2021-3880
-- 
cgit v1.2.3