kopano n/a

bash issue unimportant

1 files changed, 3 insertions, 5 deletions

diff --git a/data/CVE/list b/data/CVE/list
index ab8174c45b..f4b415d00a 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -19797,7 +19797,7 @@ CVE-2020-8016 (A Race Condition Enabling Link Following vulnerability in the pac
 CVE-2020-8015 (A UNIX Symbolic Link (Symlink) Following vulnerability in the packagin ...)
 	NOT-FOR-US: SuSE packaging of TexLive
 CVE-2020-8014 (A UNIX Symbolic Link (Symlink) Following vulnerability in the packagin ...)
-	TODO: check
+	- kopano-spamd <not-affected> (SuSE-specific packaging issue)
 CVE-2020-8013 (A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of S ...)
 	NOT-FOR-US: chkstat
 CVE-2020-8012 (CA Unified Infrastructure Management (Nimsoft/UIM) 9.20 and below cont ...)
@@ -42196,13 +42196,11 @@ CVE-2019-18277 (A flaw was found in HAProxy before 2.0.6. In legacy mode, messag
 	NOTE: https://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=196a7df44d8129d1adc795da020b722614d6a581
 	NOTE: https://nathandavison.com/blog/haproxy-http-request-smuggling
 CVE-2019-18276 (An issue was discovered in disable_priv_mode in shell.c in GNU Bash th ...)
-	- bash <unfixed> (low)
-	[buster] - bash <no-dsa> (Minor issue)
-	[stretch] - bash <no-dsa> (minor issue)
-	[jessie] - bash <no-dsa> (minor issue)
+	- bash <unfixed> (unimportant)
 	NOTE: https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=951bdaad7a18cc0dc1036bba86b18b90874d39ff
 	NOTE: https://savannah.gnu.org/patch/?9822
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1158028
+	NOTE: Negligible security impact
 CVE-2019-18275 (OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affect ...)
 	NOT-FOR-US: OSIsoft
 CVE-2019-18274