From a261a33df92c837a592b41ccc540808c99c7c747 Mon Sep 17 00:00:00 2001
From: Aron Xu <aron@debian.org>
Date: Wed, 19 Jan 2022 16:54:23 +0800
Subject: Reference upstream commit for CVE-2022-0235/node-fetch

---
 data/CVE/list | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'data/CVE/list')

diff --git a/data/CVE/list b/data/CVE/list
index f1e94c3d76..a3e744ac5f 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -714,7 +714,7 @@ CVE-2022-0236 (The WP Import Export WordPress plugin (both free and premium vers
 CVE-2022-0235 (node-fetch is vulnerable to Exposure of Sensitive Information to an Un ...)
 	- node-fetch <unfixed>
 	NOTE: https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7/
-	TODO: check fixing commit
+	NOTE: Fixed by: https://github.com/node-fetch/node-fetch/commit/f5d3cf5e2579cb8f4c76c291871e69696aef8f80 (v3.1.1)
 CVE-2022-0234
 	RESERVED
 CVE-2022-0233 (The ProfileGrid &#8211; User Profiles, Memberships, Groups and Communi ...)
-- 
cgit v1.2.3