Hugo Lefeuvre · Hugo Lefeuvre · Hugo Lefeuvre · Hugo Lefeuvre · Hugo Lefeuvre · Hugo Lefeuvre
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2408,7 +2408,7 @@ CVE-2019-16706 (kkcms v1.3 has a CSRF vulnerablity that can add an user account
 CVE-2018-21019 (Home Assistant before 0.67.0 was vulnerable to an information disclosu ...)
 	NOT-FOR-US: Home Assistant
 CVE-2019-16729 (pam-python before 1.0.7-1 has an issue in regard to the default enviro ...)
-	- pam-python 1.0.7-1
+	- pam-python 1.0.7-1 (bug #942514)
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1150510#c1
 	NOTE: https://sourceforge.net/p/pam-python/code/ci/0247ab687b4347cc52859ca461fb0126dd7e2ebe/
 CVE-2019-16714 (In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv. ...)
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -20,8 +20,10 @@ cacti (Hugo Lefeuvre)
  NOTE: 20191016: jessie and stretch don't seem to be affected, see
  NOTE: https://lists.debian.org/debian-lts/2019/10/msg00081.html for more details
  NOTE: waiting for feedback from upstream: https://github.com/Cacti/cacti/issues/2964
+  NOTE: 20190117: upstream answered positively. waiting for him to rework a few things
+  NOTE: before updating the tracker.
 --
-freeimage
+freeimage (Hugo Lefeuvre)
  NOTE: Maintainer will take care of the update.
  NOTE: https://lists.debian.org/debian-lts/2019/05/msg00079.html
  NOTE: 20190707: maintainer is waiting for upstream https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929597
@@ -111,7 +113,10 @@ opendmarc (Thorsten Alteholz)
  NOTE: 20191013: testing package
 --
 pam-python (Hugo Lefeuvre)
-  NOTE: 20190927: Upstream appear to not have a distinct revision for this fix, using a single commit for the entire release which changes many things. (lamby)
+  NOTE: 20190927: Upstream appear to not have a distinct revision for this fix,
+  NOTE: using a single commit for the entire release which changes many things. (lamby)
+  NOTE: 20191017: opened bug report and asked Russell (both Debian maintainer & upstream)
+  NOTE: for more information.
 --
 polarssl
 --

--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -21,7 +21,7 @@ curl (ghedo)
 --
 evince/oldstable
 --
-freeimage
+freeimage (hle)
 --
 glusterfs/oldstable
 --