Add affected and fixed version info to description

2025-08-04 08:44:25 +00:00 · 2020-03-25 18:55:37 -04:00 · 2020-03-25 18:55:37 -04:00 · c5c1a596f9
commit c5c1a596f9
parent fae5356b0b
2 changed files with 2 additions and 2 deletions
--- a/2019/15xxx/CVE-2019-15795.json
+++ b/2019/15xxx/CVE-2019-15795.json
@ -71,7 +71,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py allowing a man-in-the-middle attack which could potentially be used to install altered packages."
+                "value": "python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle attack which could potentially be used to install altered packages and has been fixed in versions 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5."
            }
        ]
    },
--- a/2019/15xxx/CVE-2019-15796.json
+++ b/2019/15xxx/CVE-2019-15796.json
@ -77,7 +77,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py. This allows downloads from unsigned repositories which shouldn't be allowed."
+                "value": "Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5, 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5."
            }
        ]
    },