Adding fixed events for slsa-verifier (#27761)

octo-sts[bot] · web-flow · commit f48604576d2a · 2025-12-08T13:25:27.000Z
* Adding Fixed Advisory CGA-48w3-8gcp-8fqr for slsa-verifier

* Adding Fixed Advisory CGA-w62j-qmrg-956p for slsa-verifier

---------

Co-authored-by: octo-sts[bot] &lt;157150467+octo-sts@users.noreply.github.com&gt;
diff --git a/slsa-verifier.advisories.yaml b/slsa-verifier.advisories.yaml
@@ -204,6 +204,10 @@ advisories:
         type: true-positive-determination
         data:
           note: 'Govulncheck found vulnerable symbols in Go binaries at the following locations: in slsa-verifier-2.7.1-r4.apk, at usr/bin/slsa-verifier, usr/bin/slsa-verifier.'
+      - timestamp: 2025-12-08T13:14:04Z
+        type: fixed
+        data:
+          fixed-version: 2.7.1-r5
 
   - id: CGA-4v6h-4h5f-jqr4
     aliases:
@@ -1061,6 +1065,10 @@ advisories:
             componentType: go-module
             componentLocation: /usr/bin/slsa-verifier
             scanner: grype
+      - timestamp: 2025-12-08T13:14:05Z
+        type: fixed
+        data:
+          fixed-version: 2.7.1-r5
 
   - id: CGA-w6wq-mmwj-h9w6
     aliases:
