We might soon stop adding entries in that case as it's redundant.
This is interesting. We are using a security scanner (Trivy) to check our Alpine-based systems for vulnerabilities. Trivy's vulnerability DB is based on the reports on secdb, which, as far as we understand, comes from these secfixes entries. Would you recommend talking to the Trivy maintainers about this behavior as a potential bug, given that secdb should not be expected to be complete?
Sandro (86c4402c) at 30 Aug 05:40
We just noticed that this was missing and wanted to complete the secdb data.
https://www.cve.org/CVERecord?id=CVE-2023-2911
I didn't check for the other stable branches but if this change is correct I can also do it for the other stable channels, just let me know.
Sandro (86c4402c) at 29 Aug 15:04
main/bind: add secfixes entry for CVE-2023-2911
... and 1450 more commits