dla: add libjpeg-turbo

author: Sylvain Beucler <beuc@beuc.net> 2022-05-23 18:32:26 +0200
committer: Sylvain Beucler <beuc@beuc.net> 2022-05-23 18:32:53 +0200
commit: 02b034786cdc32eaec3a87cd3cb1a155f034da2e (patch)
tree: f23f9d29114cb6cc28c8d1ae9fb1021574ace532 /data/dla-needed.txt
parent: 6ac6ae1698dee8626addd189792300fb6a53ff65 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index cf76bea365..957fe87c72 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -112,9 +112,13 @@ lemonldap-ng
   NOTE: 20220523: Harmonize with Debian 10.4 (1 CVE) and 10.5 (regression fix) (Beuc/front-desk)
 --
 libdbi-perl
-  NOTE: 20220523: Harmonize with Debian 10.8 (CVE-2014-10402 is a follow-up to CVE-2014-10401 (Beuc/front-desk)
+  NOTE: 20220523: Harmonize with Debian 10.8 (CVE-2014-10402 is a follow-up to CVE-2014-10401
   NOTE: 20220523: which was fixed before stretch, buster's debian/changelog is incorrect) (Beuc/front-desk)
 --
+libjpeg-turbo
+  NOTE: 20220523: Harmonize with Debian 10.7 (only 1 CVE but last
+  NOTE: 20220523: stretch update back in 2020 and possible RCE) (Beuc/front-desk)
+--
 liblouis
   NOTE: 20220320: no patch available yet. Reproducible memory leaks with ASAN
   NOTE: 20220320: and POC. Consider fixing CVE-2018-17294 too.
author	Sylvain Beucler <beuc@beuc.net>	2022-05-23 18:32:26 +0200
committer	Sylvain Beucler <beuc@beuc.net>	2022-05-23 18:32:53 +0200
commit	02b034786cdc32eaec3a87cd3cb1a155f034da2e (patch)
tree	f23f9d29114cb6cc28c8d1ae9fb1021574ace532 /data/dla-needed.txt
parent	6ac6ae1698dee8626addd189792300fb6a53ff65 (diff)