From bb145b843426e523fd36028c4e248fbbe8249c80 Mon Sep 17 00:00:00 2001
From: Tatiana Bradley <tatianabradley@google.com>
Date: Thu, 4 Jan 2024 15:42:46 -0500
Subject: [PATCH] data: preserve CVE references

Change-Id: I97e83406251fb6283dd0b1f44167124d4ec99816
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/554156
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
---
 data/cve/v5/GO-2023-2102.json  | 6 ++++++
 data/cve/v5/GO-2023-2185.json  | 3 +++
 data/reports/GO-2023-2102.yaml | 2 ++
 data/reports/GO-2023-2185.yaml | 1 +
 4 files changed, 12 insertions(+)

diff --git a/data/cve/v5/GO-2023-2102.json b/data/cve/v5/GO-2023-2102.json
index 774a45cb1..dc0691848 100644
--- a/data/cve/v5/GO-2023-2102.json
+++ b/data/cve/v5/GO-2023-2102.json
@@ -200,6 +200,12 @@
         },
         {
           "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/"
+        },
+        {
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/"
+        },
+        {
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/"
         }
       ]
     }
diff --git a/data/cve/v5/GO-2023-2185.json b/data/cve/v5/GO-2023-2185.json
index 6d4e5b9bf..34e4cc612 100644
--- a/data/cve/v5/GO-2023-2185.json
+++ b/data/cve/v5/GO-2023-2185.json
@@ -223,6 +223,9 @@
         },
         {
           "url": "http://www.openwall.com/lists/oss-security/2023/12/05/2"
+        },
+        {
+          "url": "https://security.netapp.com/advisory/ntap-20231214-0008/"
         }
       ]
     }
diff --git a/data/reports/GO-2023-2102.yaml b/data/reports/GO-2023-2102.yaml
index 382124411..ca498e211 100644
--- a/data/reports/GO-2023-2102.yaml
+++ b/data/reports/GO-2023-2102.yaml
@@ -91,3 +91,5 @@ cve_metadata:
         - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/
         - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/
         - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/
+        - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WCNCBYKZXLDFGAJUB7ZP5VLC3YTHJNVH/
+        - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVZDNSMVDAQJ64LJC5I5U5LDM5753647/
diff --git a/data/reports/GO-2023-2185.yaml b/data/reports/GO-2023-2185.yaml
index 51ac8ed98..d9b7f7c8d 100644
--- a/data/reports/GO-2023-2185.yaml
+++ b/data/reports/GO-2023-2185.yaml
@@ -96,3 +96,4 @@ cve_metadata:
     cwe: 'CWE-41: Improper Resolution of Path Equivalence'
     references:
         - http://www.openwall.com/lists/oss-security/2023/12/05/2
+        - https://security.netapp.com/advisory/ntap-20231214-0008/