From 9cfa71e2ced90492ee5e8e0b2412f374d0b15307 Mon Sep 17 00:00:00 2001
From: Chris Lamb <lamby@debian.org>
Date: Wed, 8 Jul 2020 15:34:45 +0100
Subject: Triage in CVE-2020-14019 in python-rtslib-fb for stretch LTS.

---
 data/CVE/list | 1 +
 1 file changed, 1 insertion(+)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index 9dfd21f5b0..0aed0cdb63 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3946,6 +3946,7 @@ CVE-2020-14020
 	RESERVED
 CVE-2020-14019 (Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/targ ...)
 	- python-rtslib-fb <unfixed>
+	[stretch] - python-rtslib-fb <not-affected> (vulnerable code introduced later, shutil.copyfile is not used)
 	[jessie] - python-rtslib-fb <not-affected> (vulnerable code introduced later, shutil.copyfile is not used)
 	NOTE: https://github.com/open-iscsi/rtslib-fb/pull/162
 CVE-2020-14018 (An issue was discovered in Navigate CMS 2.9 r1433. There is a stored X ...)
-- 
cgit v1.2.3