From de0c62615e147b5802d6aab3a91bfb969995fe24 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 5 Feb 2021 06:18:56 +0100
Subject: Update information for CVE-2019-25016/doas

---
 data/CVE/2019.list | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'data/CVE/2019.list')

diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index a4b237b449..f7ac573379 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -5,8 +5,9 @@ CVE-2019-25017 (An issue was discovered in rcp in MIT krb5-appl through 1.0.3. D
 	- krb5-appl <removed>
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1131109
 CVE-2019-25016 (In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly in ...)
-	- doas <itp> (bug #981176)
-	NOTE: https://github.com/Duncaen/OpenDoas/commit/01c658f8c45cb92a343be5f32aa6da70b2032168
+	- doas <not-affected> (Fixed with initial upload to Debian)
+	NOTE: Introduced in: https://github.com/Duncaen/OpenDoas/commit/01c658f8c45cb92a343be5f32aa6da70b2032168 (v6.6)
+	NOTE: Fixed by: https://github.com/Duncaen/OpenDoas/commit/d5acd52e2a15c36a8e06f9103d35622933aa422d (v6.8.1)
 	NOTE: https://github.com/Duncaen/OpenDoas/issues/45
 CVE-2019-25015 (LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafte ...)
 	NOT-FOR-US: LuCI in OpenWrt
-- 
cgit v1.2.3