From 71fd25f657ca87eb75fbccf41552801bffcfd289 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 30 Jan 2020 20:33:05 +0100
Subject: Mark CVE-2019-20387/libsolv as no-dsa for buster and stretch

---
 data/CVE/2019.list | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 73abcb5265..1cb0a835f8 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -152,6 +152,8 @@ CVE-2019-20388 (xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlS
 	NOTE: Proposed merge request: https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68
 CVE-2019-20387 (repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-ba ...)
 	- libsolv 0.6.36-2 (bug #949611)
+	[buster] - libsolv <no-dsa> (Minor issue)
+	[stretch] - libsolv <no-dsa> (Minor issue)
 	NOTE: https://github.com/openSUSE/libsolv/commit/fdb9c9c03508990e4583046b590c30d958f272da (0.7.6)
 CVE-2019-20386 (An issue was discovered in button_open in login/logind-button.c in sys ...)
 	- systemd 243-5
-- 
cgit v1.2.3