Mark CVE-2023-40462 as NFU

The vulnerability report states that "one issue has two CVE IDs because it affects TinyXML independently (CVE-2023-34194) and as used by ACEmanager (CVE-2023-40462). With that and given both CVEs are listed under the same issue in the Table 2, it looks safe to assume that CVE-2023-40462 is the ACEmanager specific CVE, while CVE-2023-34194 is for the underlying part in tinyxml. This is as well inline with the product association given in the CVE entry from MITRE. Link: https://www.forescout.com/resources/sierra21-vulnerabilities Link: https://www.cve.org/CVERecord?id=CVE-2023-40462
author: Salvatore Bonaccorso <carnil@debian.org> 2023-12-31 06:54:25 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2023-12-31 06:54:25 +0100
commit: 7e507c932b999df48f808969c00f07a638e3357b (patch)
tree: cbf454856052180cf354217512e5bfee9f723b74 /data/DLA
parent: b1a1b40e7095d0781883559f014ea512a9b44609 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/data/DLA/list b/data/DLA/list
index 85f3afe48a..b3289c9d79 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -2,7 +2,7 @@
 	{CVE-2023-7101}
 	[buster] - libspreadsheet-parseexcel-perl 0.6500-1+deb10u1
 [31 Dec 2023] DLA-3701-1 tinyxml - security update
-	{CVE-2023-34194 CVE-2023-40462}
+	{CVE-2023-34194}
 	[buster] - tinyxml 2.6.2-4+deb10u2
 [30 Dec 2023] DLA-3700-1 cjson - security update
 	{CVE-2023-50471}
author	Salvatore Bonaccorso <carnil@debian.org>	2023-12-31 06:54:25 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2023-12-31 06:54:25 +0100
commit	7e507c932b999df48f808969c00f07a638e3357b (patch)
tree	cbf454856052180cf354217512e5bfee9f723b74 /data/DLA
parent	b1a1b40e7095d0781883559f014ea512a9b44609 (diff)