From f1b9dfa8e06ed0b8af749ce7fc277b922770f5f6 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 30 Jan 2020 09:48:00 +0100
Subject: Add CVE-2019-2044{4,5}/netty

---
 data/CVE/list.2019 | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/data/CVE/list.2019 b/data/CVE/list.2019
index 67add4b531..b6b99b9556 100644
--- a/data/CVE/list.2019
+++ b/data/CVE/list.2019
@@ -1,7 +1,9 @@
 CVE-2019-20445 (HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length  ...)
-	TODO: check
+	- netty <unfixed>
+	NOTE: https://github.com/netty/netty/issues/9861
 CVE-2019-20444 (HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header th ...)
-	TODO: check
+	- netty <unfixed>
+	NOTE: https://github.com/netty/netty/issues/9866
 CVE-2019-20443 (An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Int ...)
 	NOT-FOR-US: WSO2
 CVE-2019-20442 (An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Int ...)
-- 
cgit v1.2.3