CVE-2019-10160/python3.4: actually not-affected, clarify comments

author: Sylvain Beucler <beuc@beuc.net> 2020-07-08 21:27:56 +0200
committer: Sylvain Beucler <beuc@beuc.net> 2020-07-08 21:32:01 +0200
commit: 95247cf392d8d20d14418f0a1f6a3b38da665c62 (patch)
tree: b1c098f93afb2337fe1c17d4d7af45238383a898
parent: 73850896d6ebb9360094e0ab39a295b57674497e (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019
index f82db63960..8a05ef58fa 100644
--- a/data/CVE/list.2019
+++ b/data/CVE/list.2019
@@ -28143,9 +28143,9 @@ CVE-2019-10161 (It was discovered that libvirtd before versions 4.10.1 and 5.4.1
 CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python since  ...)
 	- python3.7 3.7.4~rc2-2
 	[buster] - python3.7 3.7.3-2+deb10u1
-	- python3.6 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
-	- python3.5 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
-	- python3.4 <removed>
+	- python3.6 <not-affected> (Fix for CVE-2019-9636 not applied)
+	- python3.5 <not-affected> (Fix for CVE-2019-9636 not applied)
+	- python3.4 <not-affected> (Vulnerable fix to regression introduced by fix for CVE-2019-9636 not applied)
 	- python2.7 2.7.16-3
 	[buster] - python2.7 2.7.16-2+deb10u1
 	[stretch] - python2.7 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
author	Sylvain Beucler <beuc@beuc.net>	2020-07-08 21:27:56 +0200
committer	Sylvain Beucler <beuc@beuc.net>	2020-07-08 21:32:01 +0200
commit	95247cf392d8d20d14418f0a1f6a3b38da665c62 (patch)
tree	b1c098f93afb2337fe1c17d4d7af45238383a898
parent	73850896d6ebb9360094e0ab39a295b57674497e (diff)