From 491b8343d5b295e560bd2603f67c250f5027dd7e Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 21 Feb 2022 21:16:56 +0100
Subject: Update information for CVE-2022-2331{8,9}/pcf2bdf

---
 data/CVE/2022.list | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/data/CVE/2022.list b/data/CVE/2022.list
index a366a8287b..eddc0d0880 100644
--- a/data/CVE/2022.list
+++ b/data/CVE/2022.list
@@ -6154,13 +6154,15 @@ CVE-2022-23320 (XMPie uStore 12.3.7244.0 allows for administrators to generate r
 	NOT-FOR-US: XMPie uStore
 CVE-2022-23319 (A segmentation fault during PCF file parsing in pcf2bdf versions &gt;= ...)
 	- pcf2bdf <unfixed> (unimportant)
-	NOTE: https://github.com/ganaware/pcf2bdf
 	NOTE: https://github.com/ganaware/pcf2bdf/issues/5
+	NOTE: https://github.com/advisories/GHSA-p4gv-mjgc-3g68
+	NOTE: Fixed by: https://github.com/ganaware/pcf2bdf/commit/3555aab4f3cfbec199141122177750a4351b8e79
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-23318 (A heap-buffer-overflow in pcf2bdf, versions &gt;= 1.05 allows an attac ...)
 	- pcf2bdf <unfixed> (unimportant)
-	NOTE: https://github.com/ganaware/pcf2bdf
 	NOTE: https://github.com/ganaware/pcf2bdf/issues/4
+	NOTE: https://github.com/advisories/GHSA-mhwp-x94h-mg49
+	NOTE: Fixed by: https://github.com/ganaware/pcf2bdf/commit/aaf16808e4bb8d96eeab5f684df6550912a9e694
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-23317 (CobaltStrike &lt;=4.5 HTTP(S) listener does not determine whether the  ...)
 	NOT-FOR-US: CobaltStrike
-- 
cgit v1.2.3