From 9a1139c78648b845e9502f93b135b4f0ed94232b Mon Sep 17 00:00:00 2001
From: Lucas Holt <luke@foolishgames.com>
Date: Thu, 28 Dec 2023 12:56:43 -0500
Subject: [PATCH] add older msdosfs vulnerability that was patched in 3.1.0

---
 latest-id.txt                        |  2 +-
 vulns/midnightbsd/MNBSD-2023-15.yaml | 28 ++++++++++++++++++++++++++++
 2 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 vulns/midnightbsd/MNBSD-2023-15.yaml

diff --git a/latest-id.txt b/latest-id.txt
index 7d525fe..d7a8199 100644
--- a/latest-id.txt
+++ b/latest-id.txt
@@ -1 +1 @@
-2023-14
+2023-15
diff --git a/vulns/midnightbsd/MNBSD-2023-15.yaml b/vulns/midnightbsd/MNBSD-2023-15.yaml
new file mode 100644
index 0000000..8cf0f05
--- /dev/null
+++ b/vulns/midnightbsd/MNBSD-2023-15.yaml
@@ -0,0 +1,28 @@
+id: MNBSD-2023-15
+summary: msdosfs data disclosure
+details: A user with write access to files on a msdosfs file system may be able to
+  read unintended data (for example, from a previously deleted file).
+affected:
+  - package:
+      name: msdosfs
+      ecosystem: MidnightBSD
+    ranges:
+      - type: ECOSYSTEM
+        events:
+          - introduced: 3.0.0
+          - fixed: 3.1.0
+    versions:
+      - 3.0.0
+      - 3.0.1
+      - 3.0.2
+      - 3.1.0
+references:
+  - type: WEB
+    url: https://nvd.nist.gov/vuln/detail/CVE-2023-5368
+  - type: WEB
+    url: https://www.freebsd.org/security/advisories/FreeBSD-SA-23:12.msdosfs.asc
+aliases:
+  - FreeBSD-SA-23:12.msdosfs
+  - CVE-2023-5368
+modified: "2023-12-28T00:00:00.000Z"
+published: "2023-12-28T00:00:00.000Z"
\ No newline at end of file