From 3ecc02cf4226a41e41c1b474021ef1673d9698f8 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 28 Oct 2023 09:46:03 +0200
Subject: Update information on CVE-2023-3223/undertow

---
 data/CVE/list | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index 35b3e670b1..1162ebdaa8 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -12214,6 +12214,9 @@ CVE-2023-2905 (Due to a failure in validating the length of a provided MQTT_CMD_
 CVE-2023-3223 (A flaw was found in undertow. Servlets annotated with @MultipartConfig ...)
 	- undertow <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2209689
+	NOTE: https://github.com/undertow-io/undertow/pull/1521 (2.3.9.Final)
+	NOTE: https://github.com/undertow-io/undertow/pull/1523 (backport, 2.2.27.Final)
+	NOTE: https://issues.redhat.com/browse/UNDERTOW-2271
 CVE-2023-4219 (A vulnerability was found in SourceCodester Doctors Appointment System ...)
 	NOT-FOR-US: SourceCodester Doctors Appointment System
 CVE-2023-4203 (Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affect ...)
-- 
cgit v1.2.3