Commits on Source (5)
......@@ -11,7 +11,7 @@ CVE-2019-7654
CVE-2019-7652
RESERVED
CVE-2019-7651 (EPP.sys in Emsisoft Anti-Malware 2018.8.1.8923 allows an attacker to ...)
TODO: check
NOT-FOR-US: Emsisoft Anti-Malware
CVE-2019-7650
RESERVED
CVE-2019-7653 (The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has ...)
......@@ -21,7 +21,7 @@ CVE-2019-7653 (The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 h
CVE-2019-7649
RESERVED
CVE-2019-7648 (controller/fetchpwd.php and controller/doAction.php in Hotels_Server ...)
TODO: check
NOT-FOR-US: Hotels_Server
CVE-2019-7647
RESERVED
CVE-2019-7646
......@@ -51451,8 +51451,8 @@ CVE-2017-18198 (print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0
CVE-2017-18197 (In mxGraphViewImageReader.java in mxGraph before 3.7.6, the ...)
{DLA-1299-1}
- libjgraphx-java <unfixed> (low; bug #891796)
[jessie] - libjgraphx-java <no-dsa> (Minor issue)
[stretch] - libjgraphx-java <no-dsa> (Minor issue)
[jessie] - libjgraphx-java <no-dsa> (Minor issue)
NOTE: https://github.com/jgraph/mxgraph/issues/124
NOTE: https://bitbucket.org/jgraph/mxgraph2/commits/7d159ca3259b961cbb1c51b4ea42cb408c624ff1
CVE-2018-7443 (The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 ...)
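Review bot: In the CVE-2017-18197 entry the only difference is where `[jessie] - libjgraphx-java <no-dsa> (Minor issue)` sits: the line shows both before and after `[stretch]` here because it is moved, not duplicated. No status changes, so the commit message should say it is an ordering fix only; that keeps it from being read as a triage decision when someone later searches the history for this CVE. The resulting stretch-then-jessie order matches the ruby-net-ldap entry elsewhere in this diff.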
......@@ -63739,7 +63739,7 @@ CVE-2017-17720
CVE-2017-17719 (A cross-site scripting (XSS) vulnerability in the wp-concours plugin ...)
NOT-FOR-US: wp-concours plugin for WordPress
CVE-2017-17718 (The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL ...)
- ruby-net-ldap <unfixed> (bug #884693)
- ruby-net-ldap 0.16.1-1 (bug #884693)
[stretch] - ruby-net-ldap <no-dsa> (Minor issue)
[jessie] - ruby-net-ldap <not-affected> (Documentation already states that there is no validation)
[wheezy] - ruby-net-ldap <ignored> (Doc always said that there is no validation)
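Review bot: The ruby-net-ldap line for CVE-2017-17718 goes from `<unfixed>` to `0.16.1-1` with no NOTE pointing at the upstream fix. The description says the gem is affected before 0.16.0, so the version is plausible, but a `NOTE:` line with the upstream commit or release would let the next person verify it, the way the phpCAS entry in this diff does with `NOTE: Fixed by:`. While touching this entry, the jessie and wheezy lines give the same reason in two wordings under two different states (`<not-affected>` and `<ignored>`); worth aligning them.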
......@@ -91896,6 +91896,7 @@ CVE-2017-1000071 (Jasig phpCAS version 1.3.4 is vulnerable to an authentication
[jessie] - php-cas <no-dsa> (Minor issue)
[wheezy] - php-cas <no-dsa> (Minor issue, only works with old CAS server)
NOTE: https://github.com/Jasig/phpCAS/issues/228
NOTE: Fixed by: https://github.com/apereo/phpCAS/commit/c9ba00327fd0ac8faecc62ce150c1986022856cd
NOTE: The vulnerability only exists when the server is affected by
NOTE: another very old vulnerability fixed in 2010.
CVE-2017-1000070 (The Bitly oauth2_proxy in version 2.1 and earlier was affected by an ...)
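Review bot: The `NOTE: Fixed by:` link uses github.com/apereo/phpCAS while the issue link on the line directly above uses github.com/Jasig/phpCAS. Use the same organisation name in both so the references do not depend on a redirect staying in place. The visible lines also record no fixed version alongside the commit link; if the commit is in a released upstream version, naming it in the note would make the jessie and wheezy `<no-dsa>` lines easier to check.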
......@@ -27,8 +27,6 @@ glusterfs
--
graphicsmagick
--
libu2f-host
--
libidn
santiago proposed debdiffs for jessie and stretch
--
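Review bot: Removing `libu2f-host` and its `--` separator from this list is not matched by any libu2f-host change in the CVE list hunks shown here. State in the commit message why the package leaves the list (advisory released, or a decision that no update is needed) so the removal can be checked against the tracker data.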