Update status for CVE-2021-23225/cacti

While the MITRE entries are not too much transparent, the CVE is assigned by the Red Hat CNA. Red Hat refers for CVE-2021-23225 to https://github.com/Cacti/cacti/issues/1882 which covers a set of issues. Track CVE-2021-23225 with respect to the upstream issue #1882 and so mark it as fixed with the first unstable upload after the 1.2.0 upstream version.
author: Salvatore Bonaccorso <carnil@debian.org> 2022-01-25 21:45:50 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-01-25 21:45:50 +0100
commit: eef4525801a510234f77cb0b914c9670088b9c26 (patch)
tree: dfc738ff775ce781de455bd6bc9a041cd8a596bd
parent: b6dab625ae671fd565fea7e73aaee992b0af9a74 (diff)
1 files changed, 2 insertions, 5 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index d37cc54cc7..67a1b74c3d 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -10220,11 +10220,8 @@ CVE-2021-3892
 CVE-2021-26247 (As an unauthenticated remote user, visit "http://&lt;CACTI_SERVER&gt;/ ...)
 	TODO: check
 CVE-2021-23225 (Cacti 1.1.38 allows authenticated users with User Management permissio ...)
-	- cacti <unfixed>
-	TODO: check if these are the correct commits
-	NOTE: https://github.com/Cacti/cacti/commit/6a945c4b4713f80d4fc63369bd5451574ebdec42
-	NOTE: https://github.com/Cacti/cacti/commit/1b9620cc0492ea6f12f63f05c94fff255da8524b
-	NOTE: https://www.cacti.net/info/changelog
+	- cacti 1.2.1+ds1-1
+	NOTE: https://github.com/Cacti/cacti/issues/1882
 CVE-2021-42553
 	RESERVED
 CVE-2021-42552
author	Salvatore Bonaccorso <carnil@debian.org>	2022-01-25 21:45:50 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-01-25 21:45:50 +0100
commit	eef4525801a510234f77cb0b914c9670088b9c26 (patch)
tree	dfc738ff775ce781de455bd6bc9a041cd8a596bd
parent	b6dab625ae671fd565fea7e73aaee992b0af9a74 (diff)