From 84c8d693e11c6dbbb01c954ca44ba7e251c57dbe Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 1 Jun 2020 09:27:25 +0200
Subject: Map specific GHSL issues for sane-backends directly to assigned CVEs

---
 data/CVE/list.2020 | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index 3ed01853fb..b89e986514 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -1752,6 +1752,7 @@ CVE-2020-12867
 	[experimental] - sane-backends 1.0.30-1~experimental1
 	- sane-backends <unfixed> (bug #961302)
 	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-1-ghsl-2020-075-null-pointer-dereference-in-sanei_epson_net_read
 	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
 CVE-2020-12866
 	RESERVED
@@ -1759,6 +1760,7 @@ CVE-2020-12866
 	- sane-backends <unfixed> (bug #961302)
 	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
 	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-2-ghsl-2020-079-null-pointer-dereference-in-epsonds_net_read
 	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
 CVE-2020-12865
 	RESERVED
@@ -1766,6 +1768,7 @@ CVE-2020-12865
 	- sane-backends <unfixed> (bug #961302)
 	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
 	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-9-ghsl-2020-084-buffer-overflow-in-esci2_img
 	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
 CVE-2020-12864
 	RESERVED
@@ -1773,6 +1776,7 @@ CVE-2020-12864
 	- sane-backends <unfixed> (bug #961302)
 	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
 	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-4-ghsl-2020-081-reading-uninitialized-data-in-epsonds_net_read
 	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
 CVE-2020-12863
 	RESERVED
@@ -1780,6 +1784,7 @@ CVE-2020-12863
 	- sane-backends <unfixed> (bug #961302)
 	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
 	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-7-ghsl-2020-083-out-of-bounds-read-in-esci2_check_header
 	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
 CVE-2020-12862
 	RESERVED
@@ -1787,6 +1792,7 @@ CVE-2020-12862
 	- sane-backends <unfixed> (bug #961302)
 	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
 	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-5-ghsl-2020-082-out-of-bounds-read-in-decode_binary
 	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
 CVE-2020-12861
 	RESERVED
@@ -1794,6 +1800,7 @@ CVE-2020-12861
 	- sane-backends <unfixed> (bug #961302)
 	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
 	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-3-ghsl-2020-080-heap-buffer-overflow-in-epsonds_net_read
 	NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
 CVE-2020-12860 (COVIDSafe through v1.0.17 allows a remote attacker to access phone nam ...)
 	NOT-FOR-US: COVIDSafe
-- 
cgit v1.2.3