According to bd44f3fa4db9 ("Update note about CVE-2020-27776")

CVE-2020-27776 was fixed together with the fix for CVE-2020-27764.

Thus the ignored state would be in fract be "wrong" but rather marked as
fixed in the respective version. Given there was DLA 2602-1 covering
those sets of CVEs move the listing of the CVE there.

Alternatively a [stretch] - imagemagick entry with the fixed version
would have been a viable (and practiced) alternative when one does not
want to modify the CVE list of a D[LS]A.

1 files changed, 1 insertions, 1 deletions

diff --git a/data/DLA/list b/data/DLA/list
index 9fad8dfbaa..8537caf2ea 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -210,7 +210,7 @@
 	{CVE-2019-11372 CVE-2019-11373 CVE-2020-15395 CVE-2020-26797}
 	[stretch] - libmediainfo 0.7.91-1+deb9u1
 [22 Mar 2021] DLA-2602-1 imagemagick - security update
-	{CVE-2020-25666 CVE-2020-25675 CVE-2020-25676 CVE-2020-27754 CVE-2020-27757 CVE-2020-27758 CVE-2020-27759 CVE-2020-27761 CVE-2020-27762 CVE-2020-27764 CVE-2020-27766 CVE-2020-27767 CVE-2020-27768 CVE-2020-27769 CVE-2020-27770 CVE-2020-27771 CVE-2020-27772 CVE-2020-27774 CVE-2020-27775 CVE-2021-20176 CVE-2021-20241 CVE-2021-20244 CVE-2021-20246}
+	{CVE-2020-25666 CVE-2020-25675 CVE-2020-25676 CVE-2020-27754 CVE-2020-27757 CVE-2020-27758 CVE-2020-27759 CVE-2020-27761 CVE-2020-27762 CVE-2020-27764 CVE-2020-27766 CVE-2020-27767 CVE-2020-27768 CVE-2020-27769 CVE-2020-27770 CVE-2020-27771 CVE-2020-27772 CVE-2020-27774 CVE-2020-27775 CVE-2020-27776 CVE-2021-20176 CVE-2021-20241 CVE-2021-20244 CVE-2021-20246}
 	[stretch] - imagemagick 8:6.9.7.4+dfsg-11+deb9u12
 [21 Mar 2021] DLA-2558-2 xterm - regression update
 	[stretch] - xterm 327-2+deb9u2