From 91718390c87304ec8bcde9b6d6de2f3adea993e1 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 1 Jun 2020 10:55:33 +0200
Subject: Mark CVE-2020-10754 as unimportant

The issue is present source-wise but it effectively only affects builds
with the ifcfg-rh settings plugin enabled. This is (and cannot be) for
Debian builds.
---
 data/CVE/list.2020 | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index cb07e8e547..595834108a 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -6866,9 +6866,12 @@ CVE-2020-10755
 	RESERVED
 CVE-2020-10754 [user configuration not honoured leaving the connection unauthenticated via insecure defaults]
 	RESERVED
-	- network-manager <unfixed>
+	- network-manager <unfixed> (unimportant)
 	NOTE: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/448
 	NOTE: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/8affcc19b61fc3c516474ba075e61b82030feeb4
+	NOTE: Only affects builds enabling ifcfg-rh settings plugin, source-wise only
+	NOTE: affected but not the Debian binary builds (and is RedHat/Fedora specific
+	NOTE: plugin).
 CVE-2020-10753
 	RESERVED
 CVE-2020-10752
-- 
cgit v1.2.3