From b1ac88cb6e485c2235021e09d23443f39e0d002d Mon Sep 17 00:00:00 2001
From: Sylvain Beucler <beuc@beuc.net>
Date: Thu, 19 May 2022 15:21:25 +0200
Subject: CVE-2022-24903/rsyslog: clarify introductory patches

---
 data/CVE/list | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/data/CVE/list b/data/CVE/list
index 9ba9d501b5..76e60e1c12 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -17732,9 +17732,9 @@ CVE-2022-24903 (Rsyslog is a rocket-fast system for log processing. Modules for
 	NOTE: https://www.openwall.com/lists/oss-security/2022/05/05/3
 	NOTE: https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8#advisory-comment-72243
 	NOTE: https://github.com/rsyslog/rsyslog/commit/89955b0bcb1ff105e1374aad7e0e993faa6a038f (v8.2204.1)
-	NOTE: Introduced partially by: https://github.com/rsyslog/rsyslog/commit/0381a0de64a5a048c3d48b79055bd9848d0c7fc2 (v8.27.0, CVE-2018-16881)
-	NOTE: Introduced partially by: https://github.com/rsyslog/rsyslog/commit/6c52f29d593a27f934a1871d40eed84ebde3f3a6 (v8.27.0)
-	NOTE: contrib/imhttp/ introduced in https://github.com/rsyslog/rsyslog/commit/6102f6083cfa73fe4a91e3d34c4d1dc924465278 (v8.2010.0)
+	NOTE: Introduced by (plugins/imptcp/imptcp.c): https://github.com/rsyslog/rsyslog/commit/0381a0de64a5a048c3d48b79055bd9848d0c7fc2 (v8.27.0, CVE-2018-16881)
+	NOTE: Introduced by (runtime/tcps_sess.c): https://github.com/rsyslog/rsyslog/commit/01feb44bf1d091ec45ff425a096a0169f290da4b (v8.27.0)
+	NOTE: Introduced by (contrib/imhttp/imhttp.c): https://github.com/rsyslog/rsyslog/commit/6102f6083cfa73fe4a91e3d34c4d1dc924465278 (v8.2010.0)
 CVE-2022-24902 (TkVideoplayer is a simple library to play video files in tkinter. Unco ...)
 	NOT-FOR-US: TkVideoplayer
 CVE-2022-24901 (Improper validation of the Apple certificate URL in the Apple Game Cen ...)
-- 
cgit v1.2.3