Antoine Beaupré · Antoine Beaupré · 43dcbb7c · 43dcbb7c
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -497,6 +497,7 @@ CVE-2018-7032 (webcheckout in myrepos through 1.20171231 does not sanitize URLs
 	[jessie] - myrepos <no-dsa> (Minor issue)
 	- mr <removed>
 	[wheezy] - mr <no-dsa> (Minor issue)
+	[jessie] - mr <no-dsa> (Minor issue)
 CVE-2018-6956
 	RESERVED
 CVE-2018-6955
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -76,11 +76,17 @@ opencv (Thorsten Alteholz)
 --
 openjdk-7 (Emilio Pozuelo)
 --
+polarssl
+--
 quagga (Thorsten Alteholz)
 --
+sox
+  NOTE: marked no-dsa/minor in stable. if worth an upload, consider also uploading to jessie/stretch as well since version numbers are very close
+--
 suricata (Santiago R.R.)
  NOTE: Hard to tell whether the package is vulnerable. DetectFlow in detect.c
  NOTE: does not exist. Code seems to be in SigMatchSignatures instead.
  NOTE: StreamTcpInlineDropInvalid function does not exist at all. Perhaps contact
  NOTE: upstream and ask for a clarification?
 --
+wavpack