Thorsten Alteholz · Thorsten Alteholz · Thorsten Alteholz · Thorsten Alteholz · Thorsten Alteholz · Thorsten Alteholz
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1157,11 +1157,13 @@ CVE-2019-16411 (An issue was discovered in Suricata 4.1.4. By sending multiple I
 	- suricata 1:4.1.5-1 (low)
 	[buster] - suricata <no-dsa> (Minor issue)
 	[stretch] - suricata <no-dsa> (Minor issue)
+	[jessie] - suricata <no-dsa> (Minor issue)
 	NOTE: https://suricata-ids.org/2019/09/24/suricata-4-1-5-released/
 CVE-2019-16410 (An issue was discovered in Suricata 4.1.4. By sending multiple fragmen ...)
 	- suricata 1:4.1.5-1 (low)
 	[buster] - suricata <no-dsa> (Minor issue)
 	[stretch] - suricata <no-dsa> (Minor issue)
+	[jessie] - suricata <no-dsa> (Minor issue)
 	NOTE: https://suricata-ids.org/2019/09/24/suricata-4-1-5-released/
 CVE-2019-16409
 	RESERVED
@@ -2489,6 +2491,7 @@ CVE-2019-15941 [oidc authorization codes are not tied to their RP]
 	RESERVED
 	- lemonldap-ng 2.0.6+ds-1
 	[stretch] - lemonldap-ng <ignored> (Restrictions on OIDC federation added in 2.0)
+	[jessie] - lemonldap-ng <not-affected> (Vulnerable code introduced later)
 	NOTE: Vulnerability exists pre-2.0 versions, but as restrictions on OIDC federation
 	NOTE: were added only in 2.0 the vulnerability has no effect. The vulnerability
 	NOTE: itself exists only with versions >= 1.9.0 (as there is no OIDC before)
@@ -3210,6 +3213,7 @@ CVE-2019-15699 (An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Up
 	- suricata 1:4.1.5-1 (low)
 	[buster] - suricata <no-dsa> (Minor issue)
 	[stretch] - suricata <no-dsa> (Minor issue)
+	[jessie] - suricata <not-affected> (Vulnerable code introduced later)
 	NOTE: https://suricata-ids.org/2019/09/24/suricata-4-1-5-released/
 CVE-2019-15698 (In Octopus Deploy 2019.7.3 through 2019.7.9, in certain circumstances, ...)
 	NOT-FOR-US: Octopus Deploy
@@ -41875,6 +41879,7 @@ CVE-2019-2390 (An unprivileged user or program on Microsoft Windows which can cr
 CVE-2019-2389 (Incorrect scoping of kill operations in MongoDB Server's packaged SysV ...)
 	- mongodb <unfixed> (low)
 	[stretch] - mongodb <ignored> (Minor issue)
+	[jessie] - mongodb <ignored> (Minor issue)
 CVE-2019-2388
 	RESERVED
 CVE-2019-2387
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -28,6 +28,8 @@ clamav
 --
 e2fsprogs (Thorsten Alteholz)
 --
+file-roller
+--
 freeimage
  NOTE: Maintainer will take care of the update.
  NOTE: https://lists.debian.org/debian-lts/2019/05/msg00079.html
@@ -108,6 +110,8 @@ openjpeg2
 --
 pam-python
 --
+poppler (Thorsten Alteholz)
+--
 radare2
  NOTE: 20190816: Affected by CVE-2019-14745. Vulnerable code is in
  NOTE: libr/core/bin.c. Many no-dsa issues in Jessie and Stretch.