From 670d9570add1c9bf5828a7aa818958f91edd118a Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 15 Oct 2021 15:11:10 +0200
Subject: Add TODO item for two otrs2/znuny issues

---
 data/CVE/list.2021 | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 98f8c74b4d..a66018cc2b 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -14789,6 +14789,7 @@ CVE-2021-36096 (Generated Support Bundles contains private S/MIME and PGP keys i
 	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-10/
 	NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye src:otrs2 is the znuny fork)
 	NOTE: CVE-2021-36096 is an update from the original CVE-2021-21440.
+	TODO: check, 6.1.2-1 claims to fix the issue through the znuny codebase
 CVE-2021-36095 (Malicious attacker is able to find out valid user logins by using the  ...)
 	- otrs2 <undetermined> (bug #993846)
 	[buster] - otrs2 <no-dsa> (Non-free not supported)
@@ -14801,6 +14802,7 @@ CVE-2021-36094 (It's possible to craft a request for appointment edit screen, wh
 	[stretch] - otrs2 <no-dsa> (Non-free not supported)
 	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-17/
 	NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye src:otrs2 is the znuny fork)
+	TODO: check, 6.1.2-1 claims to fix the issue through the znuny codebase
 CVE-2021-36093 (It's possible to create an email which can be stuck while being proces ...)
 	- otrs2 <undetermined> (bug #993846)
 	[buster] - otrs2 <no-dsa> (Non-free not supported)
-- 
cgit v1.2.3