From 95247cf392d8d20d14418f0a1f6a3b38da665c62 Mon Sep 17 00:00:00 2001
From: Sylvain Beucler <beuc@beuc.net>
Date: Wed, 8 Jul 2020 21:27:56 +0200
Subject: CVE-2019-10160/python3.4: actually not-affected, clarify comments

---
 data/CVE/list.2019 | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/data/CVE/list.2019 b/data/CVE/list.2019
index f82db63960..8a05ef58fa 100644
--- a/data/CVE/list.2019
+++ b/data/CVE/list.2019
@@ -28143,9 +28143,9 @@ CVE-2019-10161 (It was discovered that libvirtd before versions 4.10.1 and 5.4.1
 CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python since  ...)
 	- python3.7 3.7.4~rc2-2
 	[buster] - python3.7 3.7.3-2+deb10u1
-	- python3.6 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
-	- python3.5 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
-	- python3.4 <removed>
+	- python3.6 <not-affected> (Fix for CVE-2019-9636 not applied)
+	- python3.5 <not-affected> (Fix for CVE-2019-9636 not applied)
+	- python3.4 <not-affected> (Vulnerable fix to regression introduced by fix for CVE-2019-9636 not applied)
 	- python2.7 2.7.16-3
 	[buster] - python2.7 2.7.16-2+deb10u1
 	[stretch] - python2.7 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
-- 
cgit v1.2.3