From 27f5448f48643932dc5eece209198d7d454002a6 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 17 May 2022 21:12:53 +0200
Subject: Update information on CVE-2022-1355/tiff

We referenced the wrong upstream commit for CVE-2022-1355, so the isuse
is not yet fixed with the 4.3.0-7 upload.

Link: https://bugs.debian.org/1011160
---
 data/CVE/list | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/data/CVE/list b/data/CVE/list
index 80545a4078..910a3e85af 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4828,12 +4828,12 @@ CVE-2022-1356
 	RESERVED
 CVE-2022-1355
 	RESERVED
-	- tiff 4.3.0-7
+	- tiff <unfixed> (bug #1011160)
 	[bullseye] - tiff <no-dsa> (Minor issue)
 	[buster] - tiff <no-dsa> (Minor issue)
 	NOTE: https://gitlab.com/libtiff/libtiff/-/issues/400
 	NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/323
-	NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/9752dae8febab08879fc0159e7d387cff14eb3c3
+	NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/c1ae29f9ebacd29b7c3e0c7db671af7db3584bc2
 CVE-2022-1354
 	RESERVED
 	- tiff 4.3.0-7
-- 
cgit v1.2.3