From 421a835cab4d00ae36b75c8c36dc6193533d3e6e Mon Sep 17 00:00:00 2001
From: Robert Schultheis <robert.schultheis@gmail.com>
Date: Wed, 21 Jul 2021 13:25:25 -0600
Subject: [PATCH] Update CVE-2021-32722 to note the new fix version

---
 2021/32xxx/CVE-2021-32722.json | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/2021/32xxx/CVE-2021-32722.json b/2021/32xxx/CVE-2021-32722.json
index 29c265563e3..eb27521d662 100644
--- a/2021/32xxx/CVE-2021-32722.json
+++ b/2021/32xxx/CVE-2021-32722.json
@@ -16,7 +16,7 @@
                                 "version": {
                                     "version_data": [
                                         {
-                                            "version_value": "All"
+                                            "version_value": "< 48be7adb70568e20e961ea1cb70904454a671b1d"
                                         }
                                     ]
                                 }
@@ -35,7 +35,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "GlobalNewFiles is a mediawiki extension. All existing versions of GlobalNewFiles are affected by an uncontrolled resource consumption vulnerability. A large amount of page moves within a short space of time could overwhelm Database servers due to improper handling of load balancing and a lack of an appropriate index. No patches are currently available. As a workaround, one may avoid use of the extension unless additional rate limit at the MediaWiki level or via PoolCounter / MySQL is enabled."
+                "value": "GlobalNewFiles is a mediawiki extension. Versions prior to 48be7adb70568e20e961ea1cb70904454a671b1d are affected by an uncontrolled resource consumption vulnerability. A large amount of page moves within a short space of time could overwhelm Database servers due to improper handling of load balancing and a lack of an appropriate index. As a workaround, one may avoid use of the extension unless additional rate limit at the MediaWiki level or via PoolCounter / MySQL is enabled. A patch is available in version 48be7adb70568e20e961ea1cb70904454a671b1d."
             }
         ]
     },
@@ -78,6 +78,16 @@
                 "name": "https://phabricator.miraheze.org/T7532",
                 "refsource": "MISC",
                 "url": "https://phabricator.miraheze.org/T7532"
+            },
+            {
+                "name": "https://github.com/miraheze/GlobalNewFiles/commit/48be7adb70568e20e961ea1cb70904454a671b1d",
+                "refsource": "MISC",
+                "url": "https://github.com/miraheze/GlobalNewFiles/commit/48be7adb70568e20e961ea1cb70904454a671b1d"
+            },
+            {
+                "name": "https://github.com/miraheze/GlobalNewFiles/pull/17",
+                "refsource": "MISC",
+                "url": "https://github.com/miraheze/GlobalNewFiles/pull/17"
             }
         ]
     },