From ed90fb708609031028ef84aa4a8b673598c51305 Mon Sep 17 00:00:00 2001
From: Martin Holst Swende <martin@swende.se>
Date: Tue, 24 Aug 2021 10:03:07 +0200
Subject: [PATCH] =?UTF-8?q?[DOCS]=C2=A0vulnerabilities:=20update=20for=20C?=
 =?UTF-8?q?VE-2021-39137=20(#23446)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 docs/_vulnerabilities/vulnerabilities.json     | 18 +++++++++++++++++-
 .../vulnerabilities.json.minisig               |  6 +++---
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/docs/_vulnerabilities/vulnerabilities.json b/docs/_vulnerabilities/vulnerabilities.json
index 92de0c9ccc..278c306fa2 100644
--- a/docs/_vulnerabilities/vulnerabilities.json
+++ b/docs/_vulnerabilities/vulnerabilities.json
@@ -112,8 +112,24 @@
     ],
     "introduced": "v1.10.1",
     "fixed": "v1.10.6",
-    "published": "2020-12-10",
+    "published": "2020-07-22",
     "severity": "High",
     "check": "(Geth\\/v1\\.10\\.(1|2|3|4|5)-.*)$"
+  },
+  {
+    "name": " EVM flaw during block processing ",
+    "uid": "GETH-2021-02",
+    "summary": "A vulnerability in the Geth EVM could cause a node to no longer being able to process the chain. Further details about the vulnerability will be disclosed at a later date.",
+    "description": "The exact attack vector will be provided at a later date to give node operators and dependent downstream projects time to update their nodes and software.\n\nAll Geth versions supporting the London hard fork are vulnerable (the bug is older than London), so all users should update.\n\nCredits for the discovery go to @guidovranken (working for Sentnl during an audit of the Telos EVM) and reported via bounty@ethereum.org.",
+    "links": [
+      "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-9856-9gg9-qcmq",
+      "https://github.com/ethereum/go-ethereum/releases/tag/v1.10.8"
+    ],
+    "introduced": "v1.10.0",
+    "fixed": "v1.10.8",
+    "published": "2021-08-24",
+    "severity": "High",
+    "CVE": "CVE-2021-39137",
+    "check": "(Geth\\/v1\\.10\\.(0|1|2|3|4|5|6|7)-.*)$"
   }
 ]
diff --git a/docs/_vulnerabilities/vulnerabilities.json.minisig b/docs/_vulnerabilities/vulnerabilities.json.minisig
index 274a90496d..af721931bc 100644
--- a/docs/_vulnerabilities/vulnerabilities.json.minisig
+++ b/docs/_vulnerabilities/vulnerabilities.json.minisig
@@ -1,4 +1,4 @@
 untrusted comment: signature from minisign secret key
-RWQk7Lo5TQgd+4GvOo3mu4yn1fe38AaBhs41V+ldNclGaCAiJ14i/GAvaXISL9b5+K/8HE9YLBVwqrcoJwaqaGPcXd4023FTxwI=
-trusted comment: timestamp:1626982808	file:vulnerabilities.json
-G9/AvsE90wCD5Z0VXx3fuJnrolE/AAxS6y9d8G/lXvoyvAWrMx41MiIj+pz4OwcnhyQzOYo2+7nSza9H22g6DA==
+RWQk7Lo5TQgd++3L4ak5YtTZati9peOJPh98Hyd3+clXS0o12nmm/WD4/7yuWHIIjBizJ74DqMesD7d2OhjwrExKEOhYnX7vrgg=
+trusted comment: timestamp:1629790360	file:vulnerabilities.json
+hoImXPiP448MxV7UOT/uQ1xj9jeJDGDqiFz/SVylfC5VC48bdjHTWN9LOgDGZfzLS+KIke0nDttel4vMZNg+AQ==