From dd1eaeb99bc527bb3a631d647ae20bcd14f482ba Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 5 May 2018 21:25:23 +0200
Subject: Update information on CVE-2005-4849/derby

---
 data/CVE/2005.list | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'data/CVE/2005.list')

diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index cc3cb22c69..55439e7bb9 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -116,7 +116,9 @@ CVE-2005-4851 (eZ publish 3.4.4 through 3.7 before 20050722 applies certain ...)
 CVE-2005-4850 (eZ publish 3.5 through 3.7 before 20050608 requires both edit and ...)
 	- ezpublish <removed> (bug #424790)
 CVE-2005-4849 (Apache Derby before 10.1.2.1 exposes the (1) user and (2) password ...)
-	- derby <undetermined>
+	- derby <not-affected> (Fixed before initial upload to Debian)
+	NOTE: http://issues.apache.org/jira/browse/DERBY-530
+	NOTE: http://issues.apache.org/jira/browse/DERBY-559
 CVE-2005-4848 (Buffer overflow in the decompression algorithm in Research in Motion ...)
 	NOT-FOR-US: BlackBerry Enterprise Server
 CVE-2005-4847 (Unspecified vulnerability in Spey 0.3.3 has unknown impact and attack ...)
-- 
cgit v1.2.3