From 121874f4bf65cab335f0d38e376415438cde1c74 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Wed, 3 Mar 2021 12:12:42 +0100
Subject: qemu n/a for released suites

---
 data/CVE/2021.list | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index c8f65cb3e9..38f3825650 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -16677,10 +16677,10 @@ CVE-2021-20264
 CVE-2021-20263
 	RESERVED
 	- qemu <unfixed>
+	[buster] - qemu <not-affected> (Introduced in 5.2.0)
+	[stretch] - qemu <not-affected> (Introduced in 5.2.0)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1933668
-	NOTE: Exploitability of the issue depends on interaction with virtiofsd, but CVE is
-	NOTE: associated with qemu.
-	TODO: check details
+	NOTE: Introduced in https://git.qemu.org/?p=qemu.git;a=commit;h=725ca3313a5b9cbef89eaa1c728567684f37990a
 CVE-2021-20262
 	RESERVED
 	NOT-FOR-US: Keycloak
-- 
cgit v1.2.3