Thorsten Alteholz · Thorsten Alteholz · Thorsten Alteholz · Thorsten Alteholz · 0c9c524d · 0c9c524d
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2233,6 +2233,7 @@ CVE-2019-14752
 	RESERVED
 CVE-2019-14751 (NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, a ...)
 	- nltk <unfixed> (bug #935201)
+	[jessie] - nltk <no-dsa> (Minor issue; user has to configure a compromised server)
 	NOTE: https://salvatoresecurity.com/zip-slip-in-nltk-cve-2019-14751/
 	NOTE: https://github.com/nltk/nltk/commit/f59d7ed8df2e0e957f7f247fe218032abdbe9a10
 CVE-2019-14750 (An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1. ...)
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -24,6 +24,8 @@ clamav (Hugo Lefeuvre)
  NOTE: 20190822: upstream has released 0.101.4, wait for stretch update (see bug
  NOTE: report) (hle)
 --
+commons-beanutils
+--
 dnsmasq (Mike Gabriel)
 --
 djvulibre (Thorsten Alteholz)
@@ -47,6 +49,8 @@ hdf5 (Hugo Lefeuvre)
  NOTE: wait for the next HDF5 point release and either do full package upgrade
  NOTE: or cherry pick fixes (hle)
 --
+icedtea-web
+--
 libav
  NOTE: 20190529: There are currently 19 CVE issues known for libav in jessie,
  NOTE: 20190529: 11 tagged as <no-dsa>. These issues have been triaged, no patch
@@ -54,6 +58,8 @@ libav
  NOTE: 20190529: out patches yourself.
  NOTE: 20190731: New CVEs occurred, need to be triaged.
 --
+libcrypto++
+--
 libmatio (Adrian Bunk)
  NOTE: fairly high number of open issues. Not sure why we never had a look at them.
  NOTE: triage work needed, help security team for fixes if needed.