From d41ecc95bbd34e9a3039108325fd8a38ad210986 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 8 Jan 2020 22:57:43 +0100
Subject: Revert "Update old CVEs for phpmyadmin"

The vulnerablities are not just not affected because they are not
present in any supported suites.

The fixing version needs either to be pin-pointed or the entries
otherwise keept as they are now.

This reverts commit 7b2a44081ee909fbc5d69a7aa8257a7ab1b5de27.
---
 data/CVE/2007.list | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'data/CVE/2007.list')

diff --git a/data/CVE/2007.list b/data/CVE/2007.list
index 9006aafb51..fb3b5cee72 100644
--- a/data/CVE/2007.list
+++ b/data/CVE/2007.list
@@ -5877,7 +5877,8 @@ CVE-2007-4308 (The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SC
 CVE-2007-4307 (Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 a ...)
 	NOT-FOR-US: Storesprite
 CVE-2007-4306 (Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.10 ...)
-	- phpmyadmin <not-affected> (vulnerable code is not present)
+	- phpmyadmin <unfixed> (unimportant)
+	[sarge] - phpmyadmin <not-affected>
 	NOTE: It seems that this requires knowledge of a unguessable session token.
 	NOTE: Confirmed by upstream. Sarge is not affected at all.
 CVE-2007-4305 (Multiple race conditions in the (1) Sudo monitor mode and (2) Sysjail  ...)
-- 
cgit v1.2.3