From 32d2727ce5b041d188158761a37f7dc82ba8621e Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 25 Jan 2022 22:08:45 +0100
Subject: CVE-2021-23567: Clarify that the referenced commit is introducing the
 issue

---
 data/CVE/list.2021 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 791332a5e2..9a44002772 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -56326,7 +56326,7 @@ CVE-2021-23568 (The package extend2 before 1.0.1 are vulnerable to Prototype Pol
 CVE-2021-23567 (The package colors after 1.4.0 are vulnerable to Denial of Service (Do ...)
 	- colors.js <not-affected> (Vulnerable code never in a released Debian version)
 	NOTE: https://github.com/Marak/colors.js/issues/285
-	NOTE: https://github.com/Marak/colors.js/commit/074a0f8ed0c31c35d13d28632bd8a049ff136fb6
+	NOTE: Introduced with: https://github.com/Marak/colors.js/commit/074a0f8ed0c31c35d13d28632bd8a049ff136fb6
 CVE-2021-23566 (The package nanoid before 3.1.31 are vulnerable to Information Exposur ...)
 	NOT-FOR-US: Node nanoid (NaN0-1D)
 CVE-2021-23565
-- 
cgit v1.2.3