data/CVE/list

@@ -71532,13 +71532,11 @@ CVE-2018-12552
 CVE-2018-12551 (When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured  ...)
 	{DSA-4388-1}
 	- mosquitto 1.5.6-1 (bug #921976)
-	[jessie] - mosquitto <postponed> (Minor issue)
 	NOTE: https://mosquitto.org/blog/2019/02/version-1-5-6-released/
 	NOTE: https://mosquitto.org/files/cve/2018-12551
 CVE-2018-12550 (When Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured  ...)
 	{DSA-4388-1}
 	- mosquitto 1.5.6-1 (bug #921976)
-	[jessie] - mosquitto <postponed> (Minor issue)
 	NOTE: https://mosquitto.org/blog/2019/02/version-1-5-6-released/
 	NOTE: https://mosquitto.org/files/cve/2018-12550
 CVE-2018-12549 (In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrec ...)
@@ -136720,7 +136718,6 @@ CVE-2017-7656 (In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurat
 CVE-2017-7655 (In Eclipse Mosquitto version from 1.0 to 1.4.15, a Null Dereference vu ...)
 	- mosquitto 1.5.4-1 (low)
 	[stretch] - mosquitto <no-dsa> (Minor issue)
-	[jessie] - mosquitto <postponed> (Minor issue)
 	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=533775
 	NOTE: https://github.com/eclipse/mosquitto/commit/79a7b36d207c9142468a7ea33695a14181a9fd24
 CVE-2017-7654 (In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability w ...)

data/DLA/list

+[26 Oct 2019] DLA-1972-1 mosquitto - security update
+	{CVE-2017-7655 CVE-2018-12550 CVE-2018-12551 CVE-2019-11779}
+	[jessie] - mosquitto 1.3.4-2+deb8u4
 [26 Oct 2019] DLA-1971-1 libarchive - security update
 	{CVE-2019-18408}
 	[jessie] - libarchive 3.1.2-11+deb8u8

data/dla-needed.txt

@@ -82,8 +82,6 @@ linux (Ben Hutchings)
 --
 linux-4.9 (Ben Hutchings)
 --
-mosquitto (Thorsten Alteholz)
---
 nghttp2
   NOTE: 20190930: nghttp2 in jessie is likely not affected by CVE-2019-95{11,13}.
   NOTE: 20190930: waiting for feedback from Thorsten and Abhijith as they put