From 13f362a7aa10a47ba70319b39086033ffd148ee8 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 18 Feb 2022 20:39:59 +0100
Subject: Add reference to upstream commit for CVE-2022-25314/expat

---
 data/CVE/2022.list | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/CVE/2022.list b/data/CVE/2022.list
index 3dde12a8ab..6385246e93 100644
--- a/data/CVE/2022.list
+++ b/data/CVE/2022.list
@@ -29,6 +29,7 @@ CVE-2022-25315 (In Expat (aka libexpat) before 2.4.5, there is an integer overfl
 CVE-2022-25314 (In Expat (aka libexpat) before 2.4.5, there is an integer overflow in  ...)
 	- expat <unfixed>
 	NOTE: https://github.com/libexpat/libexpat/pull/560
+	NOTE: https://github.com/libexpat/libexpat/commit/efcb347440ade24b9f1054671e6bd05e60b4cafd
 CVE-2022-25313 (In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack ex ...)
 	- expat <unfixed>
 	NOTE: https://github.com/libexpat/libexpat/pull/558
-- 
cgit v1.2.3