buster/bullseye triage

author: Moritz Muehlenhoff <jmm@debian.org> 2022-05-10 10:20:28 +0200
committer: Moritz Muehlenhoff <jmm@debian.org> 2022-05-10 10:21:10 +0200
commit: b43eafdd52df278263e5e4eb5068ef1979594dd4 (patch)
tree: 73bdcbf0ef7f7f1e071a325afbb38945fe091ab5 /data
parent: cf0aa6e3d8da4b961cd4a2cc6b19b72632e3da23 (diff)
2 files changed, 6 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 74bbd7c471..ac08f664ab 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -456,6 +456,8 @@ CVE-2022-30334 (Brave before 1.34, when a Private Window with Tor Connectivity i
 	TODO: check
 CVE-2022-30333 (RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal  ...)
 	- unrar-nonfree <unfixed>
+	[bullseye] - unrar-nonfree <no-dsa> (Non-free not supported)
+	[buster] - unrar-nonfree <no-dsa> (Non-free not supported)
 	TODO: check details, 6.1.1 -> 6.1.2 upstream changes does not seem related
 CVE-2022-30332
 	RESERVED
@@ -86658,6 +86660,8 @@ CVE-2021-23793
 	RESERVED
 CVE-2021-23792 (The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 ar ...)
 	- libtwelvemonkeys-java 3.8.0-1
+	[bullseye] - libtwelvemonkeys-java <no-dsa> (Minor issue)
+	[buster] - libtwelvemonkeys-java <no-dsa> (Minor issue)
 	NOTE: https://snyk.io/vuln/SNYK-JAVA-COMTWELVEMONKEYSIMAGEIO-2316763
 	NOTE: https://github.com/haraldk/TwelveMonkeys/commit/da4efe98bf09e1cce91b7633cb251958a200fc80 (twelvemonkeys-3.8.0)
 CVE-2021-23791
diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt
index bc80b98f32..52ff69fb76 100644
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -16,6 +16,8 @@ asterisk/oldstable
 --
 cacti
 --
+cifs-utils
+--
 condor/oldstable (apo)
 --
 ecdsautils (jmm)
author	Moritz Muehlenhoff <jmm@debian.org>	2022-05-10 10:20:28 +0200
committer	Moritz Muehlenhoff <jmm@debian.org>	2022-05-10 10:21:10 +0200
commit	b43eafdd52df278263e5e4eb5068ef1979594dd4 (patch)
tree	73bdcbf0ef7f7f1e071a325afbb38945fe091ab5 /data
parent	cf0aa6e3d8da4b961cd4a2cc6b19b72632e3da23 (diff)