Moritz Muehlenhoff · Moritz Muehlenhoff · Moritz Muehlenhoff · cba379fb · cba379fb
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -235,7 +235,7 @@ CVE-2018-7999 (In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference .
 	NOTE: https://github.com/silnrsi/graphite/issues/22
 CVE-2018-7998 (In libvips before 8.6.3, a NULL function pointer dereference ...)
 	{DLA-1306-1}
-	- vips 8.4.5-2 (bug #892589)
+	- vips 8.4.5-2 (low; bug #892589)
 	[stretch] - vips <no-dsa> (Minor issue)
 	[jessie] - vips <no-dsa> (Minor issue)
 	NOTE: https://github.com/jcupitt/libvips/commit/20d840e6da15c1574b3ed998bc92f91d1e36c2a5
@@ -39089,7 +39089,7 @@ CVE-2017-11431
 	RESERVED
 CVE-2017-11430
 	RESERVED
-	- ruby-omniauth-saml <unfixed>
+	- ruby-omniauth-saml <unfixed> (bug #892864)
 	NOTE: fixed in 1.10.0
 	NOTE: https://github.com/omniauth/omniauth-saml/issues/156
 	NOTE: https://github.com/omniauth/omniauth-saml/pull/157
@@ -39103,7 +39103,7 @@ CVE-2017-11429
 	NOTE: https://www.kb.cert.org/vuls/id/475445
 CVE-2017-11428
 	RESERVED
-	- ruby-saml <unfixed>
+	- ruby-saml <unfixed> (bug #892865)
 	NOTE: fixed in 1.7.0
 	NOTE: https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
 	NOTE: https://www.kb.cert.org/vuls/id/475445
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -102,6 +102,8 @@ undertow
 --
 vlc (jmm)
 --
+uwsgi
+--
 xen/oldstable
 --
 zendframework/oldstable