From 73ad5612d094b313a88ae96a586e784f995efd62 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Mon, 28 Aug 2023 10:07:06 +0200
Subject: fix entry for labstack echo

---
 data/CVE/list | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index 32c8a3153b..f38bf9e51e 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -68784,7 +68784,12 @@ CVE-2022-40085
 CVE-2022-40084 (OpenCRX before v5.2.2 was discovered to be vulnerable to password enum ...)
 	NOT-FOR-US: OpenCRX
 CVE-2022-40083 (Labstack Echo v4.8.0 was discovered to contain an open redirect vulner ...)
-	NOT-FOR-US: Labstack Echo
+	- golang-github-labstack-echo 4.11.1-1
+	[bookworm] - golang-github-labstack-echo <no-dsa> (Minor issue)
+	- golang-github-labstack-echo.v2 <not-affected> (Vulnerable code not present)
+	- golang-github-labstack-echo.v3 <not-affected> (Vulnerable code not present)
+	NOTE: https://github.com/labstack/echo/commit/0ac4d74402391912ff6da733bb09fd4c3980b4e1 (v4.9.0)
+	NOTE: https://github.com/labstack/echo/issues/2259
 CVE-2022-40082 (Hertz v0.3.0 ws discovered to contain a path traversal vulnerability v ...)
 	NOT-FOR-US: Hertz
 CVE-2022-40081
-- 
cgit v1.2.3