data/dla-needed.txt

@@ -18,7 +18,7 @@ bouncycastle (Markus Koschany)
 --
 busybox (Markus Koschany)
 --
-ca-certificates
+ca-certificates (Chris Lamb)
   NOTE: 20180531: check if we need to perform an update before wheezy is EOL (anarcat)
   NOTE: 20180601: Will keep this open and check for jessie now. (lamby)
 --
@@ -39,15 +39,15 @@ graphicsmagick (Roberto C. Sánchez)
 intel-microcode
 --
 jetty (Hugo Lefeuvre)
-  NOTE: jetty8 almost never marked as affected whereas jetty and jetty9 are. Reason ?
-  NOTE: CVE-2018-12536 fixed in latest upstream release. Looks like upstream
-  NOTE: voluntarily obfuscated the issue (fix hidden in unrelated changes).
-  NOTE: Fix (9.4.x): a51920d650d924cc2cea011995624b394437c6e0
-  NOTE:     (9.3.x): 53e8bc2a636707e896fd106fbee3596823c2cdc9 (closer to Debian versions)
-  NOTE: check before putting in the tracker.
-  NOTE: jetty:  doesn't seem to be affected (Wheezy + Jessie)
-  NOTE: jetty8: still need to check (Wheezy + Jessie)
-  NOTE: jetty9: affected, will provide patches for stretch and testing
+  NOTE: 20180702: jetty8 almost never marked as affected whereas jetty and jetty9 are. Reason ?
+  NOTE: 20180702: CVE-2018-12536 fixed in latest upstream release. Looks like upstream
+  NOTE: 20180702: voluntarily obfuscated the issue (fix hidden in unrelated changes).
+  NOTE: 20180702: Fix (9.4.x): a51920d650d924cc2cea011995624b394437c6e0
+  NOTE: 20180702:     (9.3.x): 53e8bc2a636707e896fd106fbee3596823c2cdc9 (closer to Debian versions)
+  NOTE: 20180702: check before putting in the tracker.
+  NOTE: 20180702: jetty:  doesn't seem to be affected (Wheezy + Jessie)
+  NOTE: 20180702: jetty8: still need to check (Wheezy + Jessie)
+  NOTE: 20180702: jetty9: affected, will provide patches for stretch and testing
 --
 kdepim
 --