From ac158ec0242194c38ac6337d99f3af702ffe63df Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Thu, 29 Oct 2020 12:53:47 +0100
Subject: NFU

---
 data/CVE/list | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/data/CVE/list b/data/CVE/list
index 6341cd02e3..585c287f6b 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -25,7 +25,7 @@ CVE-2020-27980 (Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in
 CVE-2020-27979
 	RESERVED
 CVE-2020-27978 (Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service  ...)
-	TODO: check
+	NOT-FOR-US: Shibboleth Identify Provider (Debian only packages the SP)
 CVE-2020-27977
 	RESERVED
 CVE-2020-27976 (osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remot ...)
@@ -70951,7 +70951,6 @@ CVE-2020-0306 (In LLVM, there is a possible ineffective stack cookie placement d
 	- llvm-toolchain-10 <undetermined>
 	- llvm-toolchain-9 <undetermined>
 	- llvm-toolchain-8 <undetermined>
-	TODO: get some proper references
 CVE-2020-0305 (In cdev_get of char_dev.c, there is a possible use-after-free due to a ...)
 	- linux 5.4.13-1
 	[buster] - linux 4.19.98-1
-- 
cgit v1.2.3