From 63ef3d43ee5c223a34049aa2c04a72ce0b58c066 Mon Sep 17 00:00:00 2001
From: Mark McCormick <mark.mccormick@chainguard.dev>
Date: Sat, 7 Dec 2024 15:52:45 -0500
Subject: [PATCH 1/2] pending-upstream-fix advisory for GHSA-c2f5-jxjv-2hh8

Signed-off-by: Mark McCormick <mark.mccormick@chainguard.dev>
---
 zellij.advisories.yaml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/zellij.advisories.yaml b/zellij.advisories.yaml
index e8b94ebee4..bcea8325ac 100644
--- a/zellij.advisories.yaml
+++ b/zellij.advisories.yaml
@@ -199,6 +199,13 @@ advisories:
             componentType: rust-crate
             componentLocation: /usr/bin/zellij
             scanner: grype
+      - timestamp: 2024-11-07T23:00:36Z
+        type: pending-upstream-fix
+        data:
+          note: |
+            This vulnerability relates to dependency: wasmtime, and a fixed version is available: v25.0.0.
+            Unfortunately, we are not able to upgrade to the fixed version of wasmtime, as this results in build errors.
+            There are other dependencies which depend on an older wasmtime version. Waiting for upstream to fix.
 
   - id: CGA-wwr7-2chc-98v2
     aliases:

From 9a0306b0cd4d0c6fe9af30c66aab880fc645b9bb Mon Sep 17 00:00:00 2001
From: Mark McCormick <mark.mccormick@chainguard.dev>
Date: Sat, 7 Dec 2024 15:55:28 -0500
Subject: [PATCH 2/2] fix tiemstamp

Signed-off-by: Mark McCormick <mark.mccormick@chainguard.dev>
---
 zellij.advisories.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/zellij.advisories.yaml b/zellij.advisories.yaml
index bcea8325ac..a7e862ceaf 100644
--- a/zellij.advisories.yaml
+++ b/zellij.advisories.yaml
@@ -199,7 +199,7 @@ advisories:
             componentType: rust-crate
             componentLocation: /usr/bin/zellij
             scanner: grype
-      - timestamp: 2024-11-07T23:00:36Z
+      - timestamp: 2024-12-07T20:54:00Z
         type: pending-upstream-fix
         data:
           note: |