From fd6b8c8a2dbc33cf0fe383e39fd48e46108b706c Mon Sep 17 00:00:00 2001
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Tue, 27 Sep 2022 13:40:20 +0200
Subject: CVE-2022-33980/commons-configuration2 n/a on buster

---
 data/CVE/list | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/CVE/list b/data/CVE/list
index 076a8d08d8..70355011ea 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -19720,6 +19720,7 @@ CVE-2022-33981 (drivers/block/floppy.c in the Linux kernel before 5.17.6 is vuln
 	NOTE: https://git.kernel.org/linus/233087ca063686964a53c829d547c7571e3f67bf (5.18-rc5)
 CVE-2022-33980 (Apache Commons Configuration performs variable interpolation, allowing ...)
 	- commons-configuration2 2.8.0-1 (bug #1014960)
+	[buster] - commons-configuration2 <not-affected> (Vulnerable code introduced later)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/07/06/5
 CVE-2022-2129 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...)
 	- vim 2:9.0.0135-1 (bug #1015984)
-- 
cgit v1.2.3