From 1bc0411e50e07215c7a08a1cdccf63835ee08947 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 9 Apr 2024 22:21:25 +0200
Subject: Add CVE-2024-24576/rustc

Follow exceptionally the same pattern as we do for e.g. firefox-esr
issues which do only affect when running on Windows.
---
 data/CVE/list | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index 7c8e1d7f80..e81fea099b 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -533,7 +533,8 @@ CVE-2024-25115 (RedisBloom adds a set of probabilistic data structures to Redis.
 CVE-2024-24694 (Improper privilege management in the installer for Zoom Desktop Client ...)
 	TODO: check
 CVE-2024-24576 (Rust is a programming language. The Rust Security Response WG was noti ...)
-	TODO: check
+	- rustc <not-affected> (Only affects rustc on Windows)
+	NOTE: https://github.com/rust-lang/rust/security/advisories/GHSA-q455-m56c-85mh
 CVE-2024-24245 (An issue in Canimaan Software LTD ClamXAV v3.1.2 through v3.6.1 and fi ...)
 	TODO: check
 CVE-2024-23671 (A improper limitation of a pathname to a restricted directory ('path t ...)
-- 
cgit v1.2.3