old, bogus xz-utils issue

author: Moritz Muehlenhoff <jmm@debian.org> 2023-09-04 13:21:00 +0200
committer: Moritz Muehlenhoff <jmm@debian.org> 2023-09-04 13:21:00 +0200
commit: 42514206bc6dcfed6d33e6c528bcc62d02836eeb (patch)
tree: ce830ad29bb6e5683d66f27a9c212653748ccf66 /data
parent: 373c4df57e12d7339f8a786a5a0a0a08ff1c3861 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index ab76ca5bae..0a0826ce1b 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -219598,7 +219598,7 @@ CVE-2020-22918
 CVE-2020-22917
 	RESERVED
 CVE-2020-22916 (An issue discovered in XZ 5.2.5 allows attackers to cause a denial of  ...)
-	TODO: check
+	NOTE: Bogus CVE, original URL is gone and resource limits are a natural constraint for any unpacker
 CVE-2020-22915
 	RESERVED
 CVE-2020-22914
author	Moritz Muehlenhoff <jmm@debian.org>	2023-09-04 13:21:00 +0200
committer	Moritz Muehlenhoff <jmm@debian.org>	2023-09-04 13:21:00 +0200
commit	42514206bc6dcfed6d33e6c528bcc62d02836eeb (patch)
tree	ce830ad29bb6e5683d66f27a9c212653748ccf66 /data
parent	373c4df57e12d7339f8a786a5a0a0a08ff1c3861 (diff)