From 12558f79cceeed65814ffe99c55c02b0ab5aa6ef Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 19 Sep 2020 20:25:05 +0200
Subject: Sync some CVE information with kernel-sec

---
 data/CVE/2019.list | 2 ++
 data/CVE/2020.list | 1 +
 2 files changed, 3 insertions(+)

diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 005d9f87dc..758ee66943 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -36,6 +36,7 @@ CVE-2019-20909 (An issue was discovered in GNU LibreDWG through 0.9.3. There is
 CVE-2019-20908 (An issue was discovered in drivers/firmware/efi/efi.c in the Linux ker ...)
 	- linux 5.2.6-1
 	[buster] - linux 4.19.132-1
+	[stretch] - linux <ignored> (securelevel included but not supported)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/06/14/1
 	NOTE: Fixed by: https://git.kernel.org/linus/1957a85b0032a81e6482ca4aab883643b8dae06e
 CVE-2019-20907 (In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craf ...)
@@ -2983,6 +2984,7 @@ CVE-2019-19830 (_core_/plugins/medias in SPIP 3.2.x before 3.2.7 allows remote a
 	[jessie] - spip <not-affected> (Vulnerable code not present)
 CVE-2019-19770 (** DISPUTED ** In the Linux kernel 4.19.83, there is a use-after-free  ...)
 	- linux 5.7.17-1
+	[stretch] - linux <not-affected> (Vulnerability introduced later)
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=205713
 CVE-2019-19769 (In the Linux kernel 5.3.10, there is a use-after-free (read) in the pe ...)
 	- linux 5.5.13-1
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 8a88483367..6d84643aa1 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -20480,6 +20480,7 @@ CVE-2020-15779 (A Path Traversal issue was discovered in the socket.io-file pack
 	NOT-FOR-US: Node socket.io-file
 CVE-2020-15780 (An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux k ...)
 	- linux 5.7.10-1
+	[stretch] - linux <ignored> (securelevel included but not supported)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/06/15/3
 	NOTE: Fixed by: https://git.kernel.org/linus/75b0cea7bf307f362057cc778efe89af4c615354
 CVE-2020-15778 (scp in OpenSSH through 8.3p1 allows command injection in scp.c remote  ...)
-- 
cgit v1.2.3