Update status for CVE-2019-1209{4,5}

For the remaining unfixed part the issues where minor and to be ignored.
Upstreams shows no interest that they further get adressed. Mark those
as unimportant given the negligible impact.

1 files changed, 5 insertions, 8 deletions

diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index a1bbadd68b..5d0dc0aba8 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -23130,21 +23130,18 @@ CVE-2019-12096
 	RESERVED
 CVE-2019-12095 (Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 ...)
 	{DLA-2033-1}
-	- php-horde-trean <unfixed>
-	[buster] - php-horde-trean <ignored> (Minor issue)
-	[stretch] - php-horde-trean <ignored> (Minor issue)
-	[jessie] - php-horde-trean <ignored> (Minor issue)
+	- php-horde-trean <unfixed> (unimportant)
 	- php-horde 5.2.21+debian0-1
 	[buster] - php-horde 5.2.20+debian0-1+deb10u1
 	[stretch] - php-horde 5.2.13+debian0-1+deb9u1
 	NOTE: https://github.com/horde/base/commit/81a7b53973506856db67e7f0b0263be29528aa75
 	NOTE: https://bugs.horde.org/ticket/14926 (for the stored XSS)
+	NOTE: Negligible impact for php-horde-trean, and unlikely that upstream will address
 CVE-2019-12094 (Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin ...)
-	- php-horde <unfixed>
-	[buster] - php-horde <ignored> (Minor issue)
-	[stretch] - php-horde <ignored> (Minor issue)
-	[jessie] - php-horde <ignored> (Minor issue)
+	- php-horde <unfixed> (unimportant)
 	NOTE: https://bugs.horde.org/ticket/14926 (for the reflected XSS)
+	NOTE: Negligible impact and unlikely that upstream will address after fixes
+	NOTE: for CVE-2019-12095
 CVE-2019-12093
 	RESERVED
 CVE-2019-12092