From d1d8e4cb4e8ec83f2c6e6b44ebdf1aca81f6b633 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 30 Jan 2020 12:52:52 +0100
Subject: Update tracking for CVE-2018-19607/exiv2

---
 data/CVE/2018.list | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 0cb57b7b76..08f4cfd7c5 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -4307,8 +4307,7 @@ CVE-2018-19608 (Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allo
 	NOTE: https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
 	NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03
 CVE-2018-19607 (Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote att ...)
-	[experimental] - exiv2 <unfixed> (bug #915134)
-	- exiv2 <not-affected> (Vulnerable code introduced later)
+	- exiv2 <not-affected> (Vulnerable code introduced later; only affected experimental; bug #915134)
 	NOTE: Introduced by: https://github.com/Exiv2/exiv2/commit/97e7905a8b90fcbd5e8c440ad7d55bf8ffe007e5
 	NOTE: Fixed by: https://github.com/Exiv2/exiv2/commit/6e42c1b55e0fc4f360cc56010b0ffe19aa6062d9
 CVE-2018-19606
-- 
cgit v1.2.3