Thorsten Alteholz · Thorsten Alteholz · Thorsten Alteholz · e1915743
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -9,6 +9,8 @@ To pick an issue, simply add your name behind it. To learn more about how
 this list is updated have a look at
 https://wiki.debian.org/LTS/Development#Triage_new_security_issues

+--
+ansible
 --
 cairo
  NOTE: 20181024: No fix available yet.
@@ -41,6 +43,8 @@ liblivemedia (Hugo Lefeuvre)
  NOTE: CVE entry says remote: "no", but it looks like a pretty exploitable remote vulnerability
  NOTE: (remote code execution)... CVE is very well documented so I think this is worth a patch
 --
+libmspack (Thorsten Alteholz)
+--
 libspring-java (Abhijith PA)
  NOTE: 20181025: uses internal system & id to handle security issues, thus very hard chase all relevant commits. Contacted 
  NOTE: 20181025: upstream but they couldn't help either. Only way left is to mark remaining vulnerabilities as no-dsa. 
@@ -78,6 +82,9 @@ qemu (Santiago)
  NOTE: 20181026: no fix yet for recent dsa issues, but start working on
  NOTE: pending no-dsa issues
 --
+prayer
+  NOTE: 20181026: more information and patch can be found in bug #911842
+--
 salt (Antoine Beaupre)
  NOTE: 20180921: CVE-2017-7893 is not crucial since the managed system must be
  NOTE: 20180921: compromised first. But the security escalation effect can cause