data/CVE/list

@@ -237,6 +237,7 @@ CVE-2018-5686 (In MuPDF 1.12.0, there is an infinite loop vulnerability and ...)
 	- mupdf <unfixed> (bug #887130)
 	[stretch] - mupdf <no-dsa> (Minor issue)
 	[jessie] - mupdf <no-dsa> (Minor issue)
+	[wheezy] - mupdf <no-dsa> (Minor issue)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698860
 	NOTE: pdf_parse_array function in source/pdf/pdf-parse.c does not consider
 	NOTE: EOF.
@@ -5242,6 +5243,7 @@ CVE-2017-17866 (pdf/pdf-write.c in Artifex MuPDF before 1.12.0 mishandles certai
 	- mupdf <unfixed> (bug #885120)
 	[stretch] - mupdf <no-dsa> (Minor issue)
 	[jessie] - mupdf <no-dsa> (Minor issue)
+	[wheezy] - mupdf <no-dsa> (Minor issue)
 	NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=520cc26d18c9ee245b56e9e91f9d4fcae02be5f0
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=698699 (not public)
 CVE-2017-17865
@@ -38068,6 +38070,7 @@ CVE-2017-9274 [osc executes spec code during "osc commit"]
 	- osc <unfixed> (bug #887391)
 	[stretch] - osc <no-dsa> (Minor issue)
 	[jessie] - osc <no-dsa> (Minor issue)
+	[wheezy] - osc <no-dsa> (Minor issue)
 	NOTE: Details in https://bugzilla.novell.com/show_bug.cgi?id=938556
 	NOTE: SUSE adressed the issue not only in the obs-service-source_validator
 	NOTE: and adding a validation in 0.162.0 when using OBS 2.9, cf.:

data/dla-needed.txt

@@ -51,17 +51,12 @@ ming (Hugo Lefeuvre)
   NOTE: 20180118: wip, currently working on it with upstream, might take a while
   NOTE: Some issues currently in upstream's bug tracker are missing a CVE number, so number of issues might increase in the next weeks
 --
-mupdf
-  NOTE: 20171224: Upstream patch does not apply to LTS cleanly. Might need hanges to apps/pdfclean.c rather than pdf-write.c (lamby)
---
 mysql-5.5 (Emilio Pozuelo)
 --
 opencv (Thorsten Alteholz)
 --
 openjdk-7 (Emilio Pozuelo)
 --
-osc
---
 php5 (Markus Koschany)
 --
 rsync (Chris Lamb)