From e6125c4d7daa8f674a033753e393da619ceae8a4 Mon Sep 17 00:00:00 2001
From: Sylvain Beucler <beuc@beuc.net>
Date: Wed, 8 Jul 2020 21:27:56 +0200
Subject: CVE-2019-10160/python3.4: actually not-affected, clarify comments

---
 data/CVE/list | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index a93b0798dc..da12873c6e 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -68250,9 +68250,9 @@ CVE-2019-10161 (It was discovered that libvirtd before versions 4.10.1 and 5.4.1
 CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python since  ...)
 	- python3.7 3.7.4~rc2-2
 	[buster] - python3.7 3.7.3-2+deb10u1
-	- python3.6 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
-	- python3.5 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
-	- python3.4 <removed>
+	- python3.6 <not-affected> (Fix for CVE-2019-9636 not applied)
+	- python3.5 <not-affected> (Fix for CVE-2019-9636 not applied)
+	- python3.4 <not-affected> (Vulnerable fix to regression introduced by fix for CVE-2019-9636 not applied)
 	- python2.7 2.7.16-3
 	[buster] - python2.7 2.7.16-2+deb10u1
 	[stretch] - python2.7 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
-- 
cgit v1.2.3