update additional jpeg-xl issues

1 files changed, 4 insertions, 3 deletions

diff --git a/data/CVE/list b/data/CVE/list
index f01c9ef9f3..96274bbb07 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -84891,9 +84891,10 @@ CVE-2021-36692 (libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/ex
 	NOTE: https://github.com/libjxl/libjxl/pull/313
 	NOTE: https://github.com/libjxl/libjxl/commit/7dfa400ded53919d986c5d3d23446a09e0cf481b (v0.5)
 CVE-2021-36691 (libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image ...)
-	- jpeg-xl <unfixed>
+	- jpeg-xl <unfixed> (unimportant)
 	NOTE: https://github.com/libjxl/libjxl/issues/422
 	NOTE: Special case of https://github.com/libjxl/libjxl/issues/762
+	NOTE: Negligible security impact
 CVE-2021-36690 (** DISPUTED ** A segmentation fault can occur in the sqlite3.exe comma ...)
 	- sqlite3 3.36.0-2 (unimportant)
 	[stretch] - sqlite3 <not-affected> (vulnerable code is not present)
@@ -107086,7 +107087,7 @@ CVE-2021-28028 (An issue was discovered in the toodee crate before 0.3.0 for Rus
 CVE-2021-28027 (An issue was discovered in the bam crate before 0.1.3 for Rust. There  ...)
 	NOT-FOR-US: Rust crate bam
 CVE-2021-28026 (jpeg-xl v0.3.2 is affected by a heap buffer overflow in /lib/jxl/coeff ...)
-	- jpeg-xl <itp> (bug #948862)
+	- jpeg-xl <not-affected> (Fixed before initial release)
 CVE-2021-28025
 	RESERVED
 CVE-2021-28024 (Unauthorized system access in the login form in ServiceTonic Helpdesk  ...)
@@ -107628,7 +107629,7 @@ CVE-2021-27806
 CVE-2021-27805
 	RESERVED
 CVE-2021-27804 (JPEG XL (aka jpeg-xl) through 0.3.2 allows writable memory corruption. ...)
-	- jpeg-xl <itp> (bug #948862)
+	- jpeg-xl <not-affected> (Fixed before initial release)
 CVE-2021-27802
 	REJECTED
 CVE-2021-27801