From 02b034786cdc32eaec3a87cd3cb1a155f034da2e Mon Sep 17 00:00:00 2001 From: Sylvain Beucler Date: Mon, 23 May 2022 18:32:26 +0200 Subject: dla: add libjpeg-turbo --- data/dla-needed.txt | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'data/dla-needed.txt') diff --git a/data/dla-needed.txt b/data/dla-needed.txt index cf76bea365..957fe87c72 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -112,9 +112,13 @@ lemonldap-ng NOTE: 20220523: Harmonize with Debian 10.4 (1 CVE) and 10.5 (regression fix) (Beuc/front-desk) -- libdbi-perl - NOTE: 20220523: Harmonize with Debian 10.8 (CVE-2014-10402 is a follow-up to CVE-2014-10401 (Beuc/front-desk) + NOTE: 20220523: Harmonize with Debian 10.8 (CVE-2014-10402 is a follow-up to CVE-2014-10401 NOTE: 20220523: which was fixed before stretch, buster's debian/changelog is incorrect) (Beuc/front-desk) -- +libjpeg-turbo + NOTE: 20220523: Harmonize with Debian 10.7 (only 1 CVE but last + NOTE: 20220523: stretch update back in 2020 and possible RCE) (Beuc/front-desk) +-- liblouis NOTE: 20220320: no patch available yet. Reproducible memory leaks with ASAN NOTE: 20220320: and POC. Consider fixing CVE-2018-17294 too. -- cgit v1.2.3