From ff281a9f9fb4723c8314a85fde736765dea45ddc Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 24 Jan 2022 12:20:01 +0100
Subject: Add upstream commits for CVE-2021-3995 and CVE-2021-3996

---
 data/CVE/list.2021 | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 54c8f861e8..d735860b82 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -6101,6 +6101,7 @@ CVE-2021-3996
 	[buster] - util-linux <not-affected> (Vulnerable code introduced later)
 	[stretch] - util-linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Introduced by: https://github.com/util-linux/util-linux/commit/5fea669e9ef0a08804f72bb40f859f239f68c30a (v2.34-rc1)
+	NOTE: Fixed by: https://github.com/util-linux/util-linux/commit/018a10907fa9885093f6d87401556932c2d8bd2b (v2.37.3)
 	NOTE: https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
 CVE-2021-3995
 	RESERVED
@@ -6108,6 +6109,7 @@ CVE-2021-3995
 	[buster] - util-linux <not-affected> (Vulnerable code introduced later)
 	[stretch] - util-linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Introduced by: https://github.com/util-linux/util-linux/commit/5fea669e9ef0a08804f72bb40f859f239f68c30a (v2.34-rc1)
+	NOTE: Fixed by: https://github.com/util-linux/util-linux/commit/f3db9bd609494099f0c1b95231c5dfe383346929 (v2.37.3)
 	NOTE: https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
 CVE-2021-3994 (django-helpdesk is vulnerable to Improper Neutralization of Input Duri ...)
 	NOT-FOR-US: django-helpdesk
-- 
cgit v1.2.3