From e5241228af18667fdc458174c03d06aa4c2a554f Mon Sep 17 00:00:00 2001
From: Neil Williams <codehelp@debian.org>
Date: Thu, 19 May 2022 09:58:53 +0100
Subject: CVE-2022-22970-1/libspring-java unfixed

---
 data/CVE/list | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/data/CVE/list b/data/CVE/list
index af64e29eca..e58df8e7aa 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -24554,9 +24554,11 @@ CVE-2022-22973
 CVE-2022-22972
 	RESERVED
 CVE-2022-22971 (In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ...)
-	TODO: check
+	- libspring-java <unfixed>
+	NOTE: https://tanzu.vmware.com/security/cve-2022-22971
 CVE-2022-22970 (In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ...)
-	TODO: check
+	- libspring-java <unfixed>
+	NOTE: https://tanzu.vmware.com/security/cve-2022-22970
 CVE-2022-22969 (&lt;Issue Description&gt; Spring Security OAuth versions 2.5.x prior t ...)
 	NOT-FOR-US: spring-security-oauth
 CVE-2022-22968 (In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older ...)
-- 
cgit v1.2.3