From 17a1b28059f89faceee17bb7ec5f10a1dc1f8003 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Moritz=20M=C3=BChlenhoff?= <jmm@debian.org>
Date: Fri, 21 Jan 2022 15:59:36 +0100
Subject: node-fetch spu

---
 data/CVE/list              | 1 +
 data/next-point-update.txt | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/data/CVE/list b/data/CVE/list
index ed2b2ebc7e..f49e033fc3 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1646,6 +1646,7 @@ CVE-2022-0236 (The WP Import Export WordPress plugin (both free and premium vers
 	NOT-FOR-US: WordPress plugin
 CVE-2022-0235 (node-fetch is vulnerable to Exposure of Sensitive Information to an Un ...)
 	- node-fetch 2.6.1-7
+	[bullseye] - node-fetch <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/
 	NOTE: Fixed by: https://github.com/node-fetch/node-fetch/commit/f5d3cf5e2579cb8f4c76c291871e69696aef8f80 (v3.1.1)
 CVE-2022-0234
diff --git a/data/next-point-update.txt b/data/next-point-update.txt
index 223f51c148..e0d07071f5 100644
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -42,3 +42,5 @@ CVE-2021-3997
 	[bullseye] - systemd 247.3-7
 CVE-2020-18442
 	[bullseye] - zziplib 0.13.62-3.3+deb11u1
+CVE-2022-0235
+	[bullseye] - node-fetch 2.6.1-5+deb11u1
-- 
cgit v1.2.3