Update GHSA-4mjq-hx99-8pp5.json to add two new patches for the same vulnerability #5573
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR updates the advisory JSON file to include two new patch commit references for addressing the reported vulnerability.
- Adds two new commit entries with links and summaries.
- Updates the patch commit information to supplement the existing vulnerability reference.
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/radareorg/radare2/commit/c40a4f9862104ede15d0ba05ccbf805923070778", | ||
| "summary": "The commit is a subsequent supplementary fix for the CVE." |
There was a problem hiding this comment.
[nitpick] Consider updating the commit summary on this entry to differentiate its purpose from the other patch, especially given that the PR description implies one commit is an alternative fix.
Copilot uses AI. Check for mistakes.
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/radareorg/radare2/commit/c35d1629422a12fafb0b3d379c8739c7894521e9", | ||
| "summary": "The commit is a subsequent supplementary fix for the CVE." |
There was a problem hiding this comment.
[nitpick] If these two patch commits serve different roles (e.g., one as a supplementary fix and the other as an alternative fix), their summaries should clearly reflect that distinction.
Copilot uses AI. Check for mistakes.
github-actions
bot
changed the base branch from
main
to
zly123987/advisory-improvement-5573
|
Hi @zly123987, I'm closing the PR because GitHub can't review the advisory. radareorg/radare2 isn't in one of the GitHub Advisory Database's supported ecosystems. If you are interested in seeing this commit incorporated into the CVE references, you can request a change to the CVE record and contact MITRE, the assigning CNA, at https://cveform.mitre.org/. |
Updates
Comments