Thorsten Alteholz · Thorsten Alteholz · Thorsten Alteholz · 5bfe8287 · 5bfe8287
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -204,6 +204,7 @@ CVE-2019-18348 (An issue was discovered in urllib2 in Python 2.x through 2.7.17
 	- python2.7 <unfixed>
 	[buster] - python2.7 <not-affected> (Not exploitable, has CVE-2016-10739 fixed)
 	[stretch] - python2.7 <no-dsa> (Minor issue)
+	[jessie] - python2.7 <no-dsa> (Minor issue)
 	NOTE: https://bugs.python.org/issue38576
 CVE-2019-18347
 	RESERVED
@@ -3271,6 +3272,7 @@ CVE-2019-17455 (Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAu
 	- libntlm <unfixed> (bug #942145)
 	[buster] - libntlm <no-dsa> (Minor issue)
 	[stretch] - libntlm <no-dsa> (Minor issue)
+	[jessie] - libntlm <no-dsa> (Minor issue)
 	NOTE: https://gitlab.com/jas/libntlm/issues/2
 CVE-2019-17454 (Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTa ...)
 	NOT-FOR-US: Bento4
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -42,6 +42,8 @@ libapache2-mod-auth-openidc
  NOTE: 20191011: Upstream patch tightens validation but jessie does not appear
  NOTE: 20191011: to have any validation whatsoever on first glance. (lamby)
 --
+libarchive (Thorsten Alteholz)
+--
 libav
  NOTE: 20190831: There are currently 19 CVE issues known for libav in jessie,
  NOTE: 20190831: 11 tagged as <no-dsa>. These issues have been triaged, no patch