From 7de94741c967d2f984902f3f222a8af94e232e68 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts@users.noreply.github.com>
Date: Sat, 8 Feb 2025 07:43:17 +0000
Subject: [PATCH 1/3] Adding Advisory CVE-2025-22866 for spicedb
---
 spicedb.advisories.yaml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
diff --git a/spicedb.advisories.yaml b/spicedb.advisories.yaml
index 97133dcaa3..5b397b3728 100644
--- a/spicedb.advisories.yaml
+++ b/spicedb.advisories.yaml
@@ -227,6 +227,24 @@ advisories:
 data:
 fixed-version: 1.34.0-r2
+ - id: CGA-mhgr-jrvr-gx6p
+ aliases:
+ - CVE-2025-22866
+ - GHSA-3whm-j4xm-rv8x
+ events:
+ - timestamp: 2025-02-08T07:43:12Z
+ type: detection
+ data:
+ type: scan/v1
+ data:
+ subpackageName: spicedb
+ componentID: 779f2d0e553031a9
+ componentName: stdlib
+ componentVersion: go1.23.5
+ componentType: go-module
+ componentLocation: /usr/bin/spicedb
+ scanner: grype
+
 - id: CGA-mwf4-wvw6-58w7
 aliases:
 - CVE-2024-24786
From 1c60fb0655cb964d8079441bd7803d9bb8038831 Mon Sep 17 00:00:00 2001
From: Amber Arcadia
Date: Wed, 19 Feb 2025 14:57:59 -0500
Subject: [PATCH 2/3] Deduped and fixed timestamps
---
 spicedb.advisories.yaml | 32 +++++++++++++-------------------
 1 file changed, 13 insertions(+), 19 deletions(-)
diff --git a/spicedb.advisories.yaml b/spicedb.advisories.yaml
index fa21c4021b..e142d3ccaf 100644
--- a/spicedb.advisories.yaml
+++ b/spicedb.advisories.yaml
@@ -170,7 +170,19 @@ advisories:
 - CVE-2025-22866
 - GHSA-3whm-j4xm-rv8x
 events:
- - timestamp: 2025-02-08T12:16:04Z
+ - timestamp: 2025-02-18T07:43:12Z
+ type: detection
+ data:
+ type: scan/v1
+ data:
+ subpackageName: spicedb
+ componentID: 779f2d0e553031a9
+ componentName: stdlib
+ componentVersion: go1.23.5
+ componentType: go-module
+ componentLocation: /usr/bin/spicedb
+ scanner: grype
+ - timestamp: 2025-02-18T12:16:04Z
 type: fixed
 data:
 fixed-version: 1.40.0-r1
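Review bot: In the `@@ -170,7 +170,19 @@` hunk of 2/3, both event timestamps are dated ten days later than the values the series itself shows for the same events: the `fixed` line being replaced reads `2025-02-08T12:16:04Z`, and 1/3 logged the grype scan at `2025-02-08T07:43:12Z`. Merging the detection into the existing entry should carry the recorded times over unchanged, i.e. `- timestamp: 2025-02-08T07:43:12Z` for `detection` and `- timestamp: 2025-02-08T12:16:04Z` for `fixed`. 3/3 restores exactly these values, so the end state is right, but squashing 2/3 and 3/3 would keep a commit with a shifted remediation date out of the history. Event times in an advisory file are presumably what downstream consumers use to judge when a finding was detected and fixed, so the time of an existing `fixed` event is better left untouched when entries are deduplicated.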
@@ -237,24 +249,6 @@ advisories:
 data:
 fixed-version: 1.34.0-r2
- - id: CGA-mhgr-jrvr-gx6p
- aliases:
- - CVE-2025-22866
- - GHSA-3whm-j4xm-rv8x
- events:
- - timestamp: 2025-02-08T07:43:12Z
- type: detection
- data:
- type: scan/v1
- data:
- subpackageName: spicedb
- componentID: 779f2d0e553031a9
- componentName: stdlib
- componentVersion: go1.23.5
- componentType: go-module
- componentLocation: /usr/bin/spicedb
- scanner: grype
-
 - id: CGA-mwf4-wvw6-58w7
 aliases:
 - CVE-2024-24786
From 37bd8449c20dd99bb1d6b6bbf701ceb32e837b01 Mon Sep 17 00:00:00 2001
From: hbh7
Date: Thu, 20 Feb 2025 13:14:52 -0500
Subject: [PATCH 3/3] Reset timestamps
Signed-off-by: hbh7
---
 spicedb.advisories.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/spicedb.advisories.yaml b/spicedb.advisories.yaml
index e142d3ccaf..3369baf31f 100644
--- a/spicedb.advisories.yaml
+++ b/spicedb.advisories.yaml
@@ -170,7 +170,7 @@ advisories:
 - CVE-2025-22866
 - GHSA-3whm-j4xm-rv8x
 events:
- - timestamp: 2025-02-18T07:43:12Z
+ - timestamp: 2025-02-08T07:43:12Z
 type: detection
 data:
 type: scan/v1
@@ -182,7 +182,7 @@ advisories:
 componentType: go-module
 componentLocation: /usr/bin/spicedb
 scanner: grype
- - timestamp: 2025-02-18T12:16:04Z
+ - timestamp: 2025-02-08T12:16:04Z
 type: fixed
 data:
 fixed-version: 1.40.0-r1