diff --git a/commit_dates.txt b/commit_dates.txt
index fa1bb6a..646727f 100644
--- a/commit_dates.txt
+++ b/commit_dates.txt
@@ -5,6 +5,7 @@
 063eba280a11d3c9a5dd9ee5abe4de640907951b: Fri Sep 6 22:24:05 2019 -0700
 06b15424b0dcacb1c551b2a36e739fffa8d0c595: Tue Jan 15 15:11:52 2019 -0800
 070fae6d0ff49e63bfd5f2bdc66f8eb1df3b6557: Tue Jul 2 20:39:42 2019 +0200
+0716056c49e9505041e30386dad9b2e788f67aaf: Fri Nov 22 14:09:10 2019 -0800
 07bcf05fcf3fd1d4001e8e3489162e6d67638285: Tue Nov 8 21:17:46 2016 +0200
 0902a2d6b2d1d9dbde36aeaaccf1788ceaa97143: Sat Mar 3 21:55:07 2018 -0800
 0c2b6a3943aa7b022e8eb4bfd9bffcddebf9a587: Wed May 22 22:15:01 2019 +0200
@@ -184,6 +185,7 @@ e3e7d40514e5dd0c3847682a719577efcfae1d8f: Sun Nov 23 21:02:02 2014 -0600
 e46f1c19642ea1882f427d8246987ba49351a97d: Wed Jul 19 05:40:10 2017 +0300
 e5567ccc863cadb68f5e57a2760e021e0d3807cf: Tue Jul 3 01:23:46 2012 -0400
 e5eae474c431af2880a68f6329840b9288fc4bc1: Thu Jul 27 00:50:36 2017 +0900
+e6499033032d5b647e43a3b49da0c1c64b151743: Sun Nov 24 16:49:23 2019 +0100
 e7d8be80ba634fa15ece6f503c33592e0d333361: Thu Jul 31 17:17:14 2008 +0000
 e8650a4f8c7fb76f570d4ca9c1fbe44e91c8dfaa: Sat Sep 28 04:59:37 2019 +0900
 e9123efa21a16584758b5ce7da93d3966cf0cd81: Sat Jul 3 13:39:22 2010 +0000
diff --git a/vulnerabilities.yaml b/vulnerabilities.yaml
index 16c178e..a94d887 100644
--- a/vulnerabilities.yaml
+++ b/vulnerabilities.yaml
@@ -1370,6 +1370,8 @@
    - 3.9: 1b779bfb8593739b11cbb988ef82a883ec9d077e
    - 3.8: a1e1be4c4969c7c20c8c958e5ab5279ae6a66a16
    - 3.7: cb6085138a845f8324adc011b65754acc2086cc0
+   - 3.6: 0716056c49e9505041e30386dad9b2e788f67aaf
+   - 2.7: e6499033032d5b647e43a3b49da0c1c64b151743
   description: |
     The regex ``http.cookiejar.LOOSE_HTTP_DATE_RE`` is vulnerable to regular
     expression denial of service ("REDoS"). ``LOOSE_HTTP_DATE_RE.match()`` is