Update information for CVE-2019-25016/doas

author: Salvatore Bonaccorso <carnil@debian.org> 2021-02-05 06:18:56 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-02-05 06:18:56 +0100
commit: de0c62615e147b5802d6aab3a91bfb969995fe24 (patch)
tree: b91985f7e43489a5d4503562fbf0b887af5e9690 /data/CVE/2019.list
parent: 2e4b07c6938a815878626b08604f516fe5129558 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index a4b237b449..f7ac573379 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -5,8 +5,9 @@ CVE-2019-25017 (An issue was discovered in rcp in MIT krb5-appl through 1.0.3. D
 	- krb5-appl <removed>
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1131109
 CVE-2019-25016 (In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly in ...)
-	- doas <itp> (bug #981176)
-	NOTE: https://github.com/Duncaen/OpenDoas/commit/01c658f8c45cb92a343be5f32aa6da70b2032168
+	- doas <not-affected> (Fixed with initial upload to Debian)
+	NOTE: Introduced in: https://github.com/Duncaen/OpenDoas/commit/01c658f8c45cb92a343be5f32aa6da70b2032168 (v6.6)
+	NOTE: Fixed by: https://github.com/Duncaen/OpenDoas/commit/d5acd52e2a15c36a8e06f9103d35622933aa422d (v6.8.1)
 	NOTE: https://github.com/Duncaen/OpenDoas/issues/45
 CVE-2019-25015 (LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafte ...)
 	NOT-FOR-US: LuCI in OpenWrt
author	Salvatore Bonaccorso <carnil@debian.org>	2021-02-05 06:18:56 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-02-05 06:18:56 +0100
commit	de0c62615e147b5802d6aab3a91bfb969995fe24 (patch)
tree	b91985f7e43489a5d4503562fbf0b887af5e9690 /data/CVE/2019.list
parent	2e4b07c6938a815878626b08604f516fe5129558 (diff)