Workaround dcl issues due to source package name takeover

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@55325 e39458fd-73e7-0310-bf30-c45bca0a0e42

1 files changed, 8 insertions, 2 deletions

diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index 0c402aa2ec..f8ceaa33c5 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -9479,9 +9479,15 @@ CVE-2005-0890 (SQL injection vulnerability in Dream4 Koobi CMS 4.2.3 allows remo
 CVE-2005-0889 (Cross-site scripting (XSS) vulnerability in index.php for Dream4 Koobi ...)
 	NOT-FOR-US: Dream4 Koobi CMS
 CVE-2005-0888 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
-	- dcl 1:0.9.4.4-1
+	- dcl <not-affected> (Vulnerable code not present, affected dcl "Double Choco Latte")
+	NOTE: Until 2008 src:dcl was for the source for "Double Choco Latte". On
+	NOTE: 2017-08-30 an unrelated source took over the source package name dcl.
+	NOTE: Original issue fixed in dcl/1:0.9.4.4-1
 CVE-2005-0887 (Eval injection vulnerability in Double Choco Latte before 0.9.4.3 ...)
-	- dcl 1:0.9.4.4-1
+	- dcl <not-affected> (Vulnerable code not present, affected dcl "Double Choco Latte")
+	NOTE: Until 2008 src:dcl was for the source for "Double Choco Latte". On
+	NOTE: 2017-08-30 an unrelated source took over the source package name dcl.
+	NOTE: Original issue fixed in dcl/1:0.9.4.4-1
 CVE-2005-0886 (Cross-site scripting (XSS) vulnerability in Invision Power Board 2.0.2 ...)
 	NOT-FOR-US: Invision Power Board
 CVE-2005-0885 (Multiple cross-site scripting (XSS) vulnerabilities in XMB Forum 1.9.1 ...)