JSON Bug Data inconsistent
Bug number #949085 references CVE-2020-7039 for package slirp.
When I pull the JSON data for that package/cve i get the bug that it was cloned from, and the bug for the other packages.
>>> import json
>>> with open("data/debsec.json", "r") as json_d:
... debsec = json.load(json_d)
>>> from pprint import pprint
>>> pprint(debsec["slirp"]["CVE-2020-7039"])
{'debianbug': 949084,
'description': 'tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU '
'4.2.0, mismanages memory, as demonstrated by IRC DCC commands '
'in EMU_IRC. This can cause a heap-based buffer overflow or '
'other out-of-bounds access which can lead to a DoS or '
'potential execute arbitrary code.',
'releases': {'bullseye': {'fixed_version': '1:1.0.17-10',
'repositories': {'bullseye': '1:1.0.17-10'},
'status': 'resolved',
'urgency': 'not yet assigned'},
'buster': {'nodsa': 'Minor issue; can be fixed via point release',
'nodsa_reason': '',
'repositories': {'buster': '1:1.0.17-8'},
'status': 'open',
'urgency': 'not yet assigned'},
'jessie': {'fixed_version': '1:1.0.17-7+deb8u1',
'repositories': {'jessie': '1:1.0.17-7',
'jessie-security': '1:1.0.17-7+deb8u1'},
'status': 'resolved',
'urgency': 'not yet assigned'},
'sid': {'fixed_version': '1:1.0.17-10',
'repositories': {'sid': '1:1.0.17-10'},
'status': 'resolved',
'urgency': 'not yet assigned'},
'stretch': {'nodsa': 'Minor issue; can be fixed via point '
'release',
'nodsa_reason': '',
'repositories': {'stretch': '1:1.0.17-8'},
'status': 'open',
'urgency': 'not yet assigned'}},
'scope': 'local'}
>>>