From efb54d61bf7d0f8b0bdf4fe5a4a6ea600ab48f96 Mon Sep 17 00:00:00 2001
From: "mrehak@redhat.com" <mrehak@redhat.com>
Date: Wed, 3 Jul 2019 09:44:10 +0200
Subject: [PATCH] Upstream did not merge fix in 2.9 so it is still affected

---
 2019/10xxx/CVE-2019-10137.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/2019/10xxx/CVE-2019-10137.json b/2019/10xxx/CVE-2019-10137.json
index a64abaa5310..17cb8346502 100644
--- a/2019/10xxx/CVE-2019-10137.json
+++ b/2019/10xxx/CVE-2019-10137.json
@@ -18,7 +18,7 @@
                                 "version": {
                                     "version_data": [
                                         {
-                                            "version_value": "spacewalk through 2.8"
+                                            "version_value": "spacewalk through 2.9"
                                         }
                                     ]
                                 }
@@ -54,7 +54,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "A path traversal flaw was found in spacewalk-proxy, all versions through 2.8, in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the existence of arbitrary files, if they have access to the proxy's filesystem, or can execute arbitrary code in the context of the httpd process."
+                "value": "A path traversal flaw was found in spacewalk-proxy, all versions through 2.9, in the way the proxy processes cached client tokens. A remote, unauthenticated attacker could use this flaw to test the existence of arbitrary files, if they have access to the proxy's filesystem, or can execute arbitrary code in the context of the httpd process."
             }
         ]
     },