From b15468b98050c17502a3088f0bb5788ad2d28afa Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 12 Oct 2021 14:18:50 +0200
Subject: Mark flatpak issue no-dsa for buster

---
 data/CVE/list.2021 | 1 +
 1 file changed, 1 insertion(+)

(limited to 'data')

diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 214312e10d..76c9306462 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -347,6 +347,7 @@ CVE-2021-3870
 	RESERVED
 CVE-2021-41133 (Flatpak is a system for building, distributing, and running sandboxed  ...)
 	- flatpak 1.12.1-1 (bug #995935)
+	[buster] - flatpak <no-dsa> (Not exploitable with Debian buster kernel, intrusive to backport; requires updated libseccomp)
 	NOTE: https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q
 	NOTE: Sourcewise fixed in 1.12.0-1 already, but 1.12.1-1 adds stricter dependency
 	NOTE: to libseccomp 2.5.2 so that CVE-2021-41133 is fully prevented.
-- 
cgit v1.2.3