Update status for CVE-2021-23225/cacti

While the MITRE entries are not too much transparent, the CVE is assigned by the Red Hat CNA. Red Hat refers for CVE-2021-23225 to https://github.com/Cacti/cacti/issues/1882 which covers a set of issues. Track CVE-2021-23225 with respect to the upstream issue #1882 and so mark it as fixed with the first unstable upload after the 1.2.0 upstream version.
author: Salvatore Bonaccorso <carnil@debian.org> 2022-01-25 21:45:50 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-01-25 21:45:50 +0100
commit: 9d712adaf71fe2bc8ad12345954054f7d03791aa (patch)
tree: 00aed025b6b810f4a2c763e2915e6de927d89078
parent: 6d20bf47ae239de2a80ea26456450b4d55b0c96a (diff)
1 files changed, 2 insertions, 5 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index d37cc54cc7..67a1b74c3d 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -10220,11 +10220,8 @@ CVE-2021-3892
 CVE-2021-26247 (As an unauthenticated remote user, visit "http://&lt;CACTI_SERVER&gt;/ ...)
 	TODO: check
 CVE-2021-23225 (Cacti 1.1.38 allows authenticated users with User Management permissio ...)
-	- cacti <unfixed>
-	TODO: check if these are the correct commits
-	NOTE: https://github.com/Cacti/cacti/commit/6a945c4b4713f80d4fc63369bd5451574ebdec42
-	NOTE: https://github.com/Cacti/cacti/commit/1b9620cc0492ea6f12f63f05c94fff255da8524b
-	NOTE: https://www.cacti.net/info/changelog
+	- cacti 1.2.1+ds1-1
+	NOTE: https://github.com/Cacti/cacti/issues/1882
 CVE-2021-42553
 	RESERVED
 CVE-2021-42552
author	Salvatore Bonaccorso <carnil@debian.org>	2022-01-25 21:45:50 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-01-25 21:45:50 +0100
commit	9d712adaf71fe2bc8ad12345954054f7d03791aa (patch)
tree	00aed025b6b810f4a2c763e2915e6de927d89078
parent	6d20bf47ae239de2a80ea26456450b4d55b0c96a (diff)