data/reports: add missing ghsa to GO-2022-1026

tatianab · Tatiana Bradley · commit 5f46aabc11e1 · 2022-12-29T20:17:59.000Z
Aliases: CVE-2022-3347, GHSA-jr65-gpj5-cw74 Updates #1026 Fixes #1207 Change-Id: I4210c82048952021bf5b6ea4dd761708e159002b Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/459840 Reviewed-by: Tim King <taking@google.com> Reviewed-by: Tatiana Bradley <tatiana@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Tatiana Bradley <tatiana@golang.org>
diff --git a/data/osv/GO-2022-1026.json b/data/osv/GO-2022-1026.json
@@ -3,7 +3,8 @@
   "published": "0001-01-01T00:00:00Z",
   "modified": "0001-01-01T00:00:00Z",
   "aliases": [
-    "CVE-2022-3347"
+    "CVE-2022-3347",
+    "GHSA-jr65-gpj5-cw74"
   ],
   "details": "DNSSEC validation is not performed correctly. An attacker can cause this package to report successful validation for invalid, attacker-controlled records.\n\nRoot DNSSEC public keys are not validated, permitting an attacker to present a self-signed root key and delegation chain.",
   "affected": [
diff --git a/data/reports/GO-2022-1026.yaml b/data/reports/GO-2022-1026.yaml
@@ -10,6 +10,8 @@ description: |
 
     Root DNSSEC public keys are not validated, permitting an attacker
     to present a self-signed root key and delegation chain.
+ghsas:
+  - GHSA-jr65-gpj5-cw74
 references:
   - report: https://github.com/peterzen/goresolver/issues/5#issuecomment-1150214257
 cve_metadata:
