CVE-2019-10160/python3.4: actually not-affected, clarify comments

author: Sylvain Beucler <beuc@beuc.net> 2020-07-08 21:27:56 +0200
committer: Sylvain Beucler <beuc@beuc.net> 2020-07-08 21:32:01 +0200
commit: e6125c4d7daa8f674a033753e393da619ceae8a4 (patch)
tree: e37fea92aba2c2f81800c521a473d94d4657f523
parent: f245cf1ce4e8807702de17a0e519e09eef60a1d7 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/data/CVE/list b/data/CVE/list
index a93b0798dc..da12873c6e 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -68250,9 +68250,9 @@ CVE-2019-10161 (It was discovered that libvirtd before versions 4.10.1 and 5.4.1
 CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python since  ...)
 	- python3.7 3.7.4~rc2-2
 	[buster] - python3.7 3.7.3-2+deb10u1
-	- python3.6 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
-	- python3.5 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
-	- python3.4 <removed>
+	- python3.6 <not-affected> (Fix for CVE-2019-9636 not applied)
+	- python3.5 <not-affected> (Fix for CVE-2019-9636 not applied)
+	- python3.4 <not-affected> (Vulnerable fix to regression introduced by fix for CVE-2019-9636 not applied)
 	- python2.7 2.7.16-3
 	[buster] - python2.7 2.7.16-2+deb10u1
 	[stretch] - python2.7 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
author	Sylvain Beucler <beuc@beuc.net>	2020-07-08 21:27:56 +0200
committer	Sylvain Beucler <beuc@beuc.net>	2020-07-08 21:32:01 +0200
commit	e6125c4d7daa8f674a033753e393da619ceae8a4 (patch)
tree	e37fea92aba2c2f81800c521a473d94d4657f523
parent	f245cf1ce4e8807702de17a0e519e09eef60a1d7 (diff)