From fe0962d6e347326d456eae9be6544a40f8810814 Mon Sep 17 00:00:00 2001
From: Neil Williams <codehelp@debian.org>
Date: Fri, 20 May 2022 10:45:44 +0100
Subject: CVE-2021-42700,2,4 inkscape 1.0-1

---
 data/CVE/list | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/data/CVE/list b/data/CVE/list
index 4964af37f7..33ca24c502 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -40080,15 +40080,21 @@ CVE-2021-42706 (This vulnerability could allow an attacker to disclose informati
 CVE-2021-42705 (PLC Editor Versions 1.3.8 and prior is vulnerable to a stack-based buf ...)
 	NOT-FOR-US: PLC Editor
 CVE-2021-42704 (Inkscape version 0.19 is vulnerable to an out-of-bounds write, which m ...)
-	TODO: check
+	- inkscape 1.0-1
+	NOTE: https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-03
+	NOTE: typo in CVE - affects Inkscape Version 0.91
 CVE-2021-42703 (This vulnerability could allow an attacker to send malicious Javascrip ...)
 	NOT-FOR-US: Advantech
 CVE-2021-42702 (Inkscape version 0.19 can access an uninitialized pointer, which may a ...)
-	TODO: check
+	- inkscape 1.0-1
+	NOTE: https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-03
+	NOTE: typo in CVE - affects Inkscape Version 0.91
 CVE-2021-42701 (An attacker could prepare a specially crafted project file that, if op ...)
 	NOT-FOR-US: AzeoTech
 CVE-2021-42700 (Inkscape 0.19 is vulnerable to an out-of-bounds read, which may allow  ...)
-	TODO: check
+	- inkscape 1.0-1
+	NOTE: https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-03
+	NOTE: typo in CVE - affects Inkscape Version 0.91
 CVE-2021-42699 (The affected product is vulnerable to cookie information being transmi ...)
 	NOT-FOR-US: AzeoTech
 CVE-2021-42698 (Project files are stored memory objects in the form of binary serializ ...)
-- 
cgit v1.2.3