NFU

clarified older TODO for CNI plugins

1 files changed, 3 insertions, 3 deletions

diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 8c1f64647b..f9e17ff6ab 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -22934,7 +22934,6 @@ CVE-2019-12107 (The upnp_event_prepare function in upnpevents.c in MiniUPnP Mini
 	- miniupnpd 2.1-6 (bug #930050)
 	[stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
 	NOTE: https://github.com/miniupnp/miniupnp/commit/bec6ccec63cadc95655721bc0e1dd49dac759d94
-	TODO: check, might affect minidlna
 CVE-2019-12106 (The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and ...)
 	{DLA-1805-1}
 	- minissdpd 1.5.20190210-1 (bug #929297)
@@ -28954,9 +28953,10 @@ CVE-2019-9947 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 a
 	NOTE: Patch 2.7: https://github.com/python/cpython/commit/bb8071a4cae5ab3fe321481dd3d73662ffb26052
 CVE-2019-9946 (Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ...)
 	- kubernetes 1.17.4-1
-	- golang-github-containernetworking-plugins <undetermined>
+	- golang-github-containernetworking-plugins <not-affected> (Fixed before initial upload)
+	- singularity-container 3.5.0+ds1-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1692712
-	TODO: singularity-container seems to embed as well a copy of cni
+	NOTE: singularity-container embeds a copy, but switched to packaged one in 3.5.0+ds1-1, marking as fixed
 CVE-2019-9945 (SoftNAS Cloud 4.2.0 and 4.2.1 allows remote command execution. The NGI ...)
 	NOT-FOR-US: SoftNAS Cloud
 CVE-2019-9944 (In Open Microscopy Environment OMERO.server 5.0.0 through 5.6.0, the r ...)