CVE-2020-13645/glib-networking to be fixed via ospu

3 files changed, 3 insertions, 2 deletions

diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 04f5931fcf..b343f246d1 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -4578,6 +4578,7 @@ CVE-2020-13646 (In Cheetah free WiFi 5.1, the driver file (liebaonat.sys) allows
 CVE-2020-13645 (In GNOME glib-networking through 2.64.2, the implementation of GTlsCli ...)
 	- glib-networking 2.64.3-2 (bug #961756)
 	[buster] - glib-networking <no-dsa> (Minor issue; will be fixed via point release)
+	[stretch] - glib-networking <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://gitlab.gnome.org/GNOME/glib-networking/-/issues/135
 	NOTE: Updating glib-networking to address CVE-2020-13645 will need a compatibility
 	NOTE: update as well for balsa (cf. https://bugs.debian.org/961792)
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 78c0bfe1bb..ad80111d91 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -61,8 +61,6 @@ freerdp
   NOTE: 20200510: Vulnerable to at least CVE-2020-11042. (lamby)
   NOTE: 20200531: Discussing if EOL'ing of freerdp (1.1) makes sense (sunweaver)
 --
-glib-networking (Emilio)
---
 golang-github-seccomp-libseccomp-golang (Adrian Bunk)
 --
 gupnp
diff --git a/data/next-oldstable-point-update.txt b/data/next-oldstable-point-update.txt
index b34cd56fb3..2561d26352 100644
--- a/data/next-oldstable-point-update.txt
+++ b/data/next-oldstable-point-update.txt
@@ -203,3 +203,5 @@ CVE-2019-11459
 	[stretch] - atril 1.16.1-2+deb9u2
 CVE-2019-17566
 	[stretch] - batik 1.8-4+deb9u2
+CVE-2020-13645
+	[stretch] - glib-networking 2.50.0-1+deb9u1