data/CVE/list

@@ -143026,11 +143026,11 @@ CVE-2017-7525 (A deserialization flaw was discovered in the jackson-databind, ve
 	- jackson-databind 2.9.1-1 (bug #870848)
 	- libjackson-json-java <unfixed>
 	NOTE: https://github.com/FasterXML/jackson-databind/issues/1599
+	NOTE: For libjackson-json-java:
+	NOTE: https://github.com/FasterXML/jackson-1/commit/9ac68db819bce7b9546bc4bf1c44f82ca910fa31
 CVE-2017-7524 (tpm2-tools versions before 1.1.1 are vulnerable to a password leak due ...)
 	- tpm2-tools 2.1.0-1 (bug #866257)
 	NOTE: https://github.com/01org/tpm2.0-tools/commit/c5d72beaab1cbbbe68271f4bc4b6670d69985157
-	NOTE: For libjackson-json-java:
-	NOTE: https://github.com/FasterXML/jackson-1/commit/9ac68db819bce7b9546bc4bf1c44f82ca910fa31
 CVE-2017-7523 (Cygwin versions 1.7.2 up to and including 1.8.0 are vulnerable to buff ...)
 	NOT-FOR-US: Cygwin
 CVE-2017-7522 (OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to deni ...)

data/DLA/list

+[30 Nov 2019] DLA-2018-1 proftpd-dfsg - security update
+	{CVE-2019-19269}
+	[jessie] - proftpd-dfsg 1.3.5e+r1.3.5-2+deb8u5
 [30 Nov 2019] DLA-2017-1 asterisk - security update
 	{CVE-2019-13161 CVE-2019-18610 CVE-2019-18790}
 	[jessie] - asterisk 1:11.13.1~dfsg-2+deb8u7

data/dla-needed.txt

@@ -101,8 +101,6 @@ php-horde-trean (Roberto C. Sánchez)
   NOTE: 20191118: Upstream closed the ticket related to CVE-2019-12095, indicating that it is low priority for them. (roberto)
   NOTE: 20191126: Corresponding with security team regarding CVE assignments. (roberto)
 --
-proftpd-dfsg (Adrian Bunk)
---
 python-reportlab (Hugo Lefeuvre)
   NOTE: 20191123: still no upstream fix
 --