From a667794fea8c8d043da33e35aedba6bde0deb818 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 29 Jan 2020 10:23:36 +0100
Subject: Add new nethack issues

All likely to be just maked no-dsa for buster and stretch but adding
those just for the initial tracking.
---
 data/CVE/list.2020 | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index 3a34e29f72..090802bdb4 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -6586,17 +6586,25 @@ CVE-2020-5216 (In Secure Headers (RubyGem secure_headers), a directive injection
 CVE-2020-5215 (In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Pytho ...)
 	TODO: check
 CVE-2020-5214 (In NetHack before 3.6.5, detecting an unknown configuration file optio ...)
-	TODO: check
+	- nethack <unfixed>
+	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-p8fw-rq89-xqx6
 CVE-2020-5213 (In NetHack before 3.6.5, too long of a value for the SYMBOL configurat ...)
-	TODO: check
+	- nethack <unfixed>
+	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-rr25-4v34-pr7v
 CVE-2020-5212 (In NetHack before 3.6.5, an extremely long value for the MENUCOLOR con ...)
-	TODO: check
+	- nethack <unfixed>
+	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-g89f-m829-4m56
 CVE-2020-5211 (In NetHack before 3.6.5, an invalid extended command in value for the  ...)
-	TODO: check
+	- nethack <unfixed>
+	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-r788-4jf4-r9f7
 CVE-2020-5210 (In NetHack before 3.6.5, an invalid argument to the -w command line op ...)
-	TODO: check
+	- nethack <unfixed>
+	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-v5pg-hpjg-9rpp
+	NOTE: https://github.com/NetHack/NetHack/commit/f3def5c0b999478da2d0a8f0b6a7c370a2065f77
 CVE-2020-5209 (In NetHack before 3.6.5, unknown options starting with -de and -i can  ...)
-	TODO: check
+	- nethack <unfixed>
+	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-fw72-r8xm-45p8
+	NOTE: https://github.com/NetHack/NetHack/commit/f3def5c0b999478da2d0a8f0b6a7c370a2065f77
 CVE-2020-5208
 	RESERVED
 CVE-2020-5207 (In Ktor before 1.3.0, request smuggling is possible when running behin ...)
-- 
cgit v1.2.3