Markus Koschany · Markus Koschany · 2daa0d14 · 2daa0d14
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -22,6 +22,9 @@ CVE-2019-12312 (In Libreswan before 3.28, an assertion failure can lead to a plu
 	NOTE: https://github.com/libreswan/libreswan/commit/7142d2c37d58cf024595a7549f0fb0d3946682f8
 CVE-2017-18375 (Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php  ...)
 	- ampache <removed>
+	[jessie] - ampache <no-dsa> (Minor issue)
+	NOTE: https://fenceposterror.github.io/2017/06/16/Hacking-For-Fun-And-Non-Profit.html
+	NOTE: https://github.com/ampache/ampache/issues/1555
 CVE-2016-10759 (The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resu ...)
 	TODO: check
 CVE-2016-10758 (PHPKIT 1.6.6 allows arbitrary File Upload, as demonstrated by a .php f ...)
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -30,6 +30,8 @@ faad2 (Hugo Lefeuvre)
  NOTE: 20190525: see https://github.com/knik0/faad2/pull/36
 --
 freeimage
+  NOTE: Maintainer will take care of the update.
+  NOTE: https://lists.debian.org/debian-lts/2019/05/msg00079.html
 --
 hdf5 (Hugo Lefeuvre)
  NOTE: 20190511: upstream was not aware of our undetermined issues. They have assigned