Thorsten Alteholz · Thorsten Alteholz · Thorsten Alteholz · Thorsten Alteholz · Thorsten Alteholz · 88a83625
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -691,6 +691,7 @@ CVE-2020-7596
 	RESERVED
 CVE-2020-7595 (xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infini ...)
 	- libxml2 <unfixed> (bug #949582)
+	[jessie] - libxml2 <no-dsa> (Minor issue)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c8907645d2e155f0d89d4d9895ac5112b5
 CVE-2020-7594 (MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remo ...)
 	NOT-FOR-US: MultiTech Conduit MTCDT-LVW2-24XX devices
@@ -944,6 +945,7 @@ CVE-2019-20389
 	RESERVED
 CVE-2019-20388 (xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaV ...)
 	- libxml2 <unfixed> (bug #949583)
+	[jessie] - libxml2 <no-dsa> (Minor issue)
 	NOTE: Proposed merge request: https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68
 CVE-2019-20387 (repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-ba ...)
 	- libsolv <unfixed> (bug #949611)
@@ -16540,6 +16542,7 @@ CVE-2019-18933 (In Zulip Server versions from 1.7.0 to before 2.0.7, a bug in th
 	NOT-FOR-US: Zulip
 CVE-2019-18932 (log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows  ...)
 	- sarg <unfixed>
+	[jessie] - sarg <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/01/20/6
 	NOTE: The sarg-reports as shipped in Debian has already safe use of mktemp for
 	NOTE: use of temporary files and directories.
@@ -25273,6 +25276,7 @@ CVE-2019-16792 (Waitress through version 1.3.1 allows request smuggling by sendi
 	- waitress 1.4.1-1
 	[buster] - waitress <no-dsa> (Minor issue)
 	[stretch] - waitress <no-dsa> (Minor issue)
+	[jessie] - waitress <no-dsa> (Minor issue)
 	NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-4ppp-gpcr-7qf6
 	NOTE: https://github.com/Pylons/waitress/commit/575994cd42e83fd772a5f7ec98b2c56751bd3f65
 CVE-2019-16791 (In postfix-mta-sts-resolver before 0.5.1, All users can receive incorr ...)
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -64,6 +64,9 @@ libmatio (Adrian Bunk)
  NOTE: 20190428: older changes seem to also be required for them
  NOTE: 20200112: work is ongoing
 --
+libsolv
+  NOTE: 20200123: Mike is maintainer
+--
 libxmlrpc3-java (Markus Koschany)
 --
 linux (Ben Hutchings)