From 99c90d9ed7bacfecc998054b8079116b0c0f2444 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Mon, 4 Sep 2023 10:56:09 +0200
Subject: new timg issue

---
 data/CVE/list | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index b3ae508652..d99a63453a 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -255,7 +255,10 @@ CVE-2023-40970 (Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vul
 CVE-2023-40969 (Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable ...)
 	NOT-FOR-US: Senayan Library Management Systems SLIMS 9 Bulian
 CVE-2023-40968 (Buffer Overflow vulnerability in hzeller timg v.1.5.2 and before allow ...)
-	TODO: check
+	- timg <unfixed>
+	[bookworm] - timg <no-dsa> (Minor issue)
+	NOTE: https://github.com/hzeller/timg/issues/115
+	NOTE: https://github.com/hzeller/timg/commit/2e9414e668144bbe0afc074dac17b74ef4acfdcf
 CVE-2023-40771 (SQL injection vulnerability in DataEase v.1.18.9 allows a remote attac ...)
 	NOT-FOR-US: DataEase
 CVE-2023-40239 (Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE at ...)
-- 
cgit v1.2.3