From a26deb5c8c4844cc479636d09df11a72b4673a2f Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 27 Oct 2021 20:59:50 +0200
Subject: Track fixed version for CVE-2021-36089/libgrokj2k

---
 data/CVE/list | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/CVE/list b/data/CVE/list
index 4057c7c98f..1ebb0c58f3 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -17565,7 +17565,7 @@ CVE-2020-36409 (A stored cross scripting (XSS) vulnerability in CMS Made Simple
 CVE-2020-36408 (A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 ...)
 	NOT-FOR-US: CMS Made Simple
 CVE-2021-36089 (Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::File ...)
-	- libgrokj2k <unfixed> (bug #990525)
+	- libgrokj2k 9.5.0-1 (bug #990525)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33544
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/grok/OSV-2021-677.yaml
 CVE-2021-36088 (Fluent Bit (aka fluent-bit) 1.7.0 through 1.7,4 has a double free in f ...)
-- 
cgit v1.2.3