CVE-2018-1311/xerces-c: reference stretch mitigation

author: Sylvain Beucler <beuc@beuc.net> 2022-04-14 15:45:41 +0200
committer: Sylvain Beucler <beuc@beuc.net> 2022-04-14 15:45:41 +0200
commit: bba95208c717b32a7177820db2e5c282f9f69d2e (patch)
tree: 8786cd02709d5f02fa82c4ebe0f50b1db24dc11f
parent: 05d6be37aff47eb3ea4bc4733c766bab604f3ee2 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 6363d95408..750a708527 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -281710,7 +281710,7 @@ CVE-2018-1312 (In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest a
 CVE-2018-1311 (The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-fre ...)
 	{DSA-4814-1}
 	- xerces-c 3.2.3+debian-2 (bug #947431)
-	[stretch] - xerces-c <postponed> (Minor issue, revisit when fixed upstream)
+	[stretch] - xerces-c <postponed> (Minor issue, revisit when fixed upstream, mitigated in DLA 2498-1)
 	[jessie] - xerces-c <postponed> (slow upstream interest, proper fix likely to break ABI compatibility)
 	NOTE: http://xerces.apache.org/xerces-c/secadv/CVE-2018-1311.txt
 	NOTE: https://issues.apache.org/jira/browse/XERCESC-2188
author	Sylvain Beucler <beuc@beuc.net>	2022-04-14 15:45:41 +0200
committer	Sylvain Beucler <beuc@beuc.net>	2022-04-14 15:45:41 +0200
commit	bba95208c717b32a7177820db2e5c282f9f69d2e (patch)
tree	8786cd02709d5f02fa82c4ebe0f50b1db24dc11f
parent	05d6be37aff47eb3ea4bc4733c766bab604f3ee2 (diff)