From bc10ea95c8dd34ce90dbee2e8fe15ab5640b6bc3 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Fri, 29 Apr 2022 15:43:04 +0200
Subject: node-ejs fixed in sid

---
 data/CVE/list | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/CVE/list b/data/CVE/list
index 79fccae76c..20065752d5 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2332,7 +2332,7 @@ CVE-2022-29080 (The npm-dependency-versions package through 0.3.0 for Node.js al
 CVE-2022-29079
 	RESERVED
 CVE-2022-29078 (The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js  ...)
-	- node-ejs <unfixed> (bug #1010359)
+	- node-ejs 3.1.7-1 (bug #1010359)
 	NOTE: https://eslam.io/posts/ejs-server-side-template-injection-rce/
 	NOTE: https://github.com/mde/ejs/commit/15ee698583c98dadc456639d6245580d17a24baf (v3.1.7)
 CVE-2022-29077 (A heap-based buffer overflow exists in rippled before 1.8.5. The vulne ...)
-- 
cgit v1.2.3