Add information on CVE-2019-20633/patch

author: Salvatore Bonaccorso <carnil@debian.org> 2020-03-25 21:25:43 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-03-25 21:25:43 +0100
commit: 26bb8cd514c7222e62ebe61ebb367c0c5e3a1cb7 (patch)
tree: f0398f1d48a558afcd3baf27d3399759622256ea /data/CVE/2018.list
parent: d1e0bf199712a095c4a7b4231a5cb336e7c66695 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index af802de408..4eb234ab36 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -37388,6 +37388,8 @@ CVE-2018-6952 (A double free exists in the another_hunk function in pch.c in GNU
 	- patch <unfixed> (unimportant)
 	NOTE: https://savannah.gnu.org/bugs/index.php?53133
 	NOTE: https://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300
+	NOTE: When fixing this issue make sure to not apply only the incomplete fix,
+	NOTE: and opening CVE-2019-20633, cf. https://savannah.gnu.org/bugs/index.php?56683
 	NOTE: Crash in CLI tool, no security impact
 CVE-2018-6951 (An issue was discovered in GNU patch through 2.7.6. There is a segment ...)
 	- patch <unfixed> (unimportant)
author	Salvatore Bonaccorso <carnil@debian.org>	2020-03-25 21:25:43 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-03-25 21:25:43 +0100
commit	26bb8cd514c7222e62ebe61ebb367c0c5e3a1cb7 (patch)
tree	f0398f1d48a558afcd3baf27d3399759622256ea /data/CVE/2018.list
parent	d1e0bf199712a095c4a7b4231a5cb336e7c66695 (diff)