data/CVE/list

@@ -41391,8 +41391,7 @@ CVE-2017-11334 (The address_space_write_continue function in exec.c in QEMU (aka
 	NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=f5aa69bdc3418773f26747ca282c291519626ece
 	NOTE: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commit;h=04bf2526ce87f21b32c9acba1c5518708c243ad0
 CVE-2017-11333 (The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis ...)
-	- libvorbis 1.3.6-1 (low; bug #870341)
-	[stretch] - libvorbis <postponed> (Minor issue, can be revisited once fixed upstream)
+	- libvorbis 1.3.5-4.1 (low; bug #870341)
 	[jessie] - libvorbis <postponed> (Minor issue, can be revisited once fixed upstream)
 	NOTE: http://seclists.org/fulldisclosure/2017/Jul/82
 	NOTE: https://gitlab.xiph.org/xiph/vorbis/issues/2332

data/DSA/list

@@ -121,7 +121,7 @@
 	[jessie] - jackson-databind 2.4.2-2+deb8u3
 	[stretch] - jackson-databind 2.8.6-1+deb9u3
 [14 Feb 2018] DSA-4113-1 libvorbis - security update
-	{CVE-2017-14632 CVE-2017-14633}
+	{CVE-2017-11333 CVE-2017-14632 CVE-2017-14633}
 	[stretch] - libvorbis 1.3.5-4+deb9u1
 [14 Feb 2018] DSA-4112-1 xen - security update
 	{CVE-2017-17563 CVE-2017-17564 CVE-2017-17565 CVE-2017-17566}