data/CVE/list

@@ -15827,11 +15827,13 @@ CVE-2018-5730 (MIT krb5 1.6 or later allows an authenticated kadmin with permiss
 	- krb5 <unfixed> (bug #891869)
 	[stretch] - krb5 <no-dsa> (Minor issue)
 	[jessie] - krb5 <no-dsa> (Minor issue)
+	[wheezy] - krb5 <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
 CVE-2018-5729 (MIT krb5 1.6 or later allows an authenticated kadmin with permission ...)
 	- krb5 <unfixed> (bug #891869)
 	[stretch] - krb5 <no-dsa> (Minor issue)
 	[jessie] - krb5 <no-dsa> (Minor issue)
+	[wheezy] - krb5 <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
 CVE-2018-5728 (Cobham Sea Tel 121 build 222701 devices allow remote attackers to ...)
 	NOT-FOR-US: Cobham Sea Tel 121 build 222701 devices
@@ -36839,6 +36841,7 @@ CVE-2017-15401
 	RESERVED
 CVE-2017-15400 (Insufficient restriction of IPP filters in CUPS in Google Chrome OS ...)
 	- cups 2.2.3-2
+	[jessie] - cups <not-affected> (Vulnerable code not present, ppdCreateFromIPP() introduced in v2.2.0)
 	[wheezy] - cups <not-affected> (Vulnerable code not present)
 	NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=777215
 	NOTE: Patches from upstream to restrict what filters will be accpeted

data/dla-needed.txt

@@ -19,11 +19,6 @@ firefox-esr (Emilio Pozuelo)
   NOTE: 20180525: We will need an update to Firefox ESR 60 in jessie once 52 goes EOL.
   NOTE: 20180525: This needs some backports (llvm, rustc, cargo) which need some work.
 --
-krb5 (Thorsten Alteholz)
-  NOTE: 20180131: lts-do-not-call
-  NOTE: 20180411: Details not public yet. Security team in contact with  upstream. (anarcat)
-  NOTE: 20180411: See also https://lists.debian.org/msgid-search/20180208212643.GB7792@pisco.westfalen.local (anarcat)
---
 lame (Hugo Lefeuvre)
   NOTE: 20180515: Patch available and tested. Will coordinate with Fabian to provide Wheezy and Jessie uploads for the next Jessie point release.
 --