Chris Lamb · Chris Lamb · Chris Lamb · Chris Lamb · Chris Lamb · e6386112
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -75,6 +75,7 @@ CVE-2018-17986 (rars/user/data in razorCMS 3.4.8 allows CSRF for changing the pa
 CVE-2018-17985 (An issue was discovered in cp-demangle.c in GNU libiberty, as ...)
 	- binutils <unfixed>
 	[stretch] - binutils <ignored> (Minor issue)
+	[jessie] - binutils <ignored> (Minor issue)
 	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87335
 CVE-2018-17984 (An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 ...)
 	NOT-FOR-US: ISPConfig
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -15,6 +15,8 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues
 --
 adplug (Chris Lamb)
 --
+clamav
+--
 enigmail
  NOTE: 20180926: see 871s9fps8e.fsf@curie.anarc.at before working on this (anarcat)
 --
@@ -25,7 +27,7 @@ firefox-esr (Emilio Pozuelo)
  NOTE: 20180525: This needs some backports (llvm, rustc, cargo) which need some work.
 --
 gnutls28 (Antoine Beaupre)
-  NOTE: 20180824: Upstream patch is quite invasive, adding new options etc. (lamby)
+  NOTE: 20180824: Upstream patch is quite invasive, adding new options etc. (Chris Lamb)
 --
 jekyll (Abhijith PA)
 --
@@ -36,6 +38,9 @@ libav (Hugo Lefeuvre)
  NOTE: 20180529: Help is welcome, feel free to mail Hugo. Still up-to-date. Help needed for CVE triage and patch development.
  NOTE: 20180529: Just contacted some of the CVE reporters to ask for the reproducers, CC-ed team ML.
 --
+libpdfbox-java
+  NOTE: 20181007: Can't find the upstream fixing commit atm (Chris Lamb)
+--
 libspring-java (Abhijith PA)
 --
 linux (Ben Hutchings)
@@ -44,6 +49,10 @@ linux-4.9 (Ben Hutchings)
 --
 mysql-5.5 (Emilio Pozuelo)
 --
+nsis
+  NOTE: 20181007: Windows installer, but issue was reported by gpg4win so
+  NOTE: 20181007: likely affects UNIX systems. (Chris Lamb)
+--
 openjdk-7 (Emilio Pozuelo)
 --
 openjpeg2 (Hugo Lefeuvre)