From 62004af88abf9ea0ac9119efa4bccd2b60e0f640 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 31 May 2020 09:47:58 +0200
Subject: CVE-2020-1746/ansible fixed in unstable via 2.9.7 upload

---
 data/CVE/list.2020 | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index 896270c755..08569116d7 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -26795,11 +26795,12 @@ CVE-2020-1747 (A vulnerability was discovered in the PyYAML library in versions
 	[jessie] - pyyaml <not-affected> (Loader/Constructor classes are unsafe in this version)
 	NOTE: https://github.com/yaml/pyyaml/pull/386
 CVE-2020-1746 (A flaw was found in the Ansible Engine affecting Ansible Engine versio ...)
-	- ansible <unfixed>
+	- ansible 2.9.7+dfsg-1
 	[stretch] - ansible <not-affected> (Vulnerable code introduced later)
 	[jessie] - ansible <not-affected> (Vulnerable code introduced later)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1805491
 	NOTE: https://github.com/ansible/ansible/pull/67866
+	NOTE: Fixed by: https://github.com/ansible/ansible/commit/d41e38435b1a9e300d8011ac28f16a5add2db119 (v2.9.7)
 CVE-2020-1745 (A file inclusion vulnerability was found in the AJP connector enabled  ...)
 	- undertow 2.0.30-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1807305
-- 
cgit v1.2.3