Thorsten Alteholz · Thorsten Alteholz · Thorsten Alteholz · Thorsten Alteholz · 419e020c · 419e020c
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1085,6 +1085,7 @@ CVE-2019-19727
 	RESERVED
 CVE-2017-18640 (The Alias feature in SnakeYAML 1.18 allows entity expansion during a l ...)
 	- snakeyaml <unfixed>
+	[jessie] - snakeyaml <no-dsa> (unclear security impact)
 	NOTE: https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-preventing-billion
 CVE-2019-19726 (OpenBSD through 6.6 allows local users to escalate to root because a c ...)
 	NOT-FOR-US: OpenBSD
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -60,6 +60,9 @@ libmatio (Adrian Bunk)
  NOTE: 20190428: older changes seem to also be required for them
  NOTE: 20191208: work is ongoing
 --
+libssh
+  NOTE: 20191212: bug not public
+--
 linux (Ben Hutchings)
 --
 linux-4.9 (Ben Hutchings)
@@ -106,6 +109,9 @@ slurm-llnl
  NOTE: 20191022: 750cc23edcc6fddfff21d33bdaf4fb7deb28cfda would be a start.(abhijith)
  NOTE: 20191125: up for testing https://people.debian.org/~abhijith/upload/slurm-llnl_14.03.9-5+deb8u5.dsc
 --
+sqlite3 (Thorsten Alteholz)
+  NOTE: 20191212: look at no-dsa as well
+--
 squid3
  NOTE: 20191210: Requires new API SBuf.
 --
@@ -122,3 +128,6 @@ xcftools (Hugo Lefeuvre)
 --
 xen
 --
+yara
+  NOTE: 20191212: no upstream fix yet
+--