From c9c12ec0e5fd0c02ed59d21082b1b2d75ad70f8d Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 5 Mar 2021 20:32:13 +0100
Subject: Add upstream references for CVE-2021-340{3,4}/libytnef

---
 data/CVE/list.2021 | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 333e3cbe33..93fa159654 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -2189,11 +2189,15 @@ CVE-2021-3404 (In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remot
 	[buster] - libytnef <no-dsa> (Minor issue)
 	[stretch] - libytnef <no-dsa> (Minor issue)
 	NOTE: https://github.com/Yeraze/ytnef/issues/86
+	NOTE: https://github.com/Yeraze/ytnef/pull/88
+	NOTE: https://github.com/Yeraze/ytnef/commit/f9ff4a203b8c155d51a208cadadb62f224fba715
 CVE-2021-3403 (In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows  ...)
 	- libytnef 1.9.3-3 (bug #982594)
 	[buster] - libytnef <no-dsa> (Minor issue)
 	[stretch] - libytnef <no-dsa> (Minor issue)
 	NOTE: https://github.com/Yeraze/ytnef/issues/85
+	NOTE: https://github.com/Yeraze/ytnef/pull/87
+	NOTE: https://github.com/Yeraze/ytnef/commit/f2380a53fb84d370eaf6e6c3473062c54c57fac7
 CVE-2021-26936 (The replay-sorcery program in ReplaySorcery 0.4.0 through 0.5.0, when  ...)
 	NOT-FOR-US: ReplaySorcery
 CVE-2021-26935
-- 
cgit v1.2.3