Sylvain Beucler · Sylvain Beucler · 91a78945 · 91a78945
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5159,6 +5159,7 @@ CVE-2019-12971 (BKS EBK Ethernet-Buskoppler Pro before 3.01 allows Unrestricted
 CVE-2019-12970 (XSS was discovered in SquirrelMail through 1.4.22 and 1.5.x through 1. ...)
 	- squirrelmail <removed>
 	NOTE: https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-016.txt
+	NOTE: https://sourceforge.net/p/squirrelmail/code/14828/
 CVE-2019-12969
 	RESERVED
 CVE-2019-12968 (A vulnerability was found in the Sonic Robo Blast 2 (SRB2) plugin (EP_ ...)
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -120,11 +120,7 @@ sqlite3
  NOTE: 20190617: A preliminary package with *just* the (presumably) CVE-2019-5827 patches backported:
  NOTE: 20190617: https://people.debian.org/~mejo/debian/jessie-security/sqlite3_3.8.7.1-1+deb8u5.dsc
 --
-squirrelmail
-  NOTE: 20190702: no patch available, upstream apparently inactive,
-  NOTE: 20190702: reporter just recommends disabling HTML viewing of messages
-  NOTE: 20190702: we've got squirrelmail and squirrelmail-viewashtml users
-  NOTE: 20190702: so either write a patch or force disabling HTML?
+squirrelmail (Sylvain Beucler)
 --
 thunderbird (Emilio)
 --