Reserve DLA-2547-1 for wireshark

2 files changed, 16 insertions, 16 deletions

diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index e811896ddb..4591951e6c 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -3689,7 +3689,7 @@ CVE-2019-19554
 CVE-2019-19553 (In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector cou ...)
 	- wireshark 3.0.7-1 (low)
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x DSA)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	[jessie] - wireshark <postponed> (Can be fixed along in next 1.12.x DLA)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15961
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=34d2e0d5318d0a7e9889498c721639e5cbf4ce45
@@ -11768,7 +11768,7 @@ CVE-2019-16277 (PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in cs
 CVE-2019-16319 (In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector ...)
 	- wireshark 3.0.4-1 (low)
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x DSA)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	[jessie] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-21.html
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16020
@@ -18974,7 +18974,7 @@ CVE-2019-13620
 CVE-2019-13619 (In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the  ...)
 	- wireshark 2.6.10-1 (low)
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x release)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	[jessie] - wireshark <not-affected> (vulnerable code not present, binary encoding not yet supported)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-20.html
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15870
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 22f4e40d89..1b13a52d27 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -6422,7 +6422,7 @@ CVE-2020-28031 (eramba through c2.8.1 allows HTTP Host header injection with (fo
 CVE-2020-28030 (In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was ...)
 	- wireshark 3.2.8-0.1 (bug #974689)
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Minor issue, Can be fixed in next DLA by backporting patch together with earlier fix for invalid parameter)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	NOTE: https://gitlab.com/wireshark/wireshark/-/commit/b287e7165e8aa89cde6ae37e7c257c5d87d16b9b
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16887
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-15.html
@@ -9850,7 +9850,7 @@ CVE-2020-26576
 CVE-2020-26575 (In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) di ...)
 	- wireshark 3.2.8-0.1 (bug #974688)
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Minor issue, can be fixed in next DLA by backporting patch)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	NOTE: https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16887
 	NOTE: https://gitlab.com/wireshark/wireshark/-/merge_requests/467
@@ -10193,7 +10193,7 @@ CVE-2020-26422 (Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 al
 CVE-2020-26421 (Crash in USB HID protocol dissector and possibly other dissectors in W ...)
 	- wireshark 3.4.1-1
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Minor issue, can be fixed in next DLA by backporting patch)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	NOTE: https://gitlab.com/wireshark/wireshark/-/commit/d5f2657825e63e4126ebd7d13a59f3c6e8a9e4e1
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16958
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-17.html
@@ -10214,7 +10214,7 @@ CVE-2020-26419 (Memory leak in the dissection engine in Wireshark 3.4.0 allows d
 CVE-2020-26418 (Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 t ...)
 	- wireshark 3.4.1-1
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Minor issue, code was reshuffled when support for more recent Kafka versions was added but backporting is trivial)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	NOTE: https://gitlab.com/wireshark/wireshark/-/commit/f4374967bbf9c12746b8ec3cd54dddada9dd353e
 	NOTE: https://gitlab.com/wireshark/wireshark/-/commit/c7e6b798255e9d78d88abb84b951ca7815e0f880
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16739
@@ -11446,13 +11446,13 @@ CVE-2020-25864
 CVE-2020-25863 (In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the ...)
 	- wireshark 3.2.7-1
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Minor issue, can be fixed along in next DLA)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-11.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16741
 CVE-2020-25862 (In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the ...)
 	- wireshark 3.2.7-1
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Minor issue, can be fixed along in next DLA)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-12.html
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/16816
 CVE-2020-25861
@@ -33641,7 +33641,7 @@ CVE-2020-15467 (The administrative interface of Cohesive Networks vns3:vpn appli
 CVE-2020-15466 (In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infin ...)
 	- wireshark 3.2.5-1 (low)
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Can be fixed along in next DSA/update to 3.0)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16029
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=11f40896b696e4e8c7f8b2ad96028404a83a51a4
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-09.html
@@ -39444,7 +39444,7 @@ CVE-2020-13165
 CVE-2020-13164 (In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the ...)
 	- wireshark 3.2.4-1 (low)
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Can be fixed along in next DSA/update to 3.0)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	[jessie] - wireshark <postponed> (Can be fixed along with other CVEs)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16476
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e6e98eab8e5e0bbc982cfdc808f2469d7cab6c5a
@@ -43326,7 +43326,7 @@ CVE-2020-11648
 CVE-2020-11647 (In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the  ...)
 	- wireshark 3.2.3-1 (low; bug #958213)
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Can be fixed along in next DSA/update to 3.0)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	[jessie] - wireshark <postponed> (Minor, can be fixed along in a future update)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16474
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=6f56fc9496db158218243ea87e3660c874a0bab0
@@ -48895,7 +48895,7 @@ CVE-2020-9419
 CVE-2020-9431 (In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the  ...)
 	- wireshark 3.2.2-1
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Can be fixed along in next DSA/update to 3.0)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	[jessie] - wireshark <not-affected> (composite TVB handling added later)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-03.html
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16341
@@ -48903,7 +48903,7 @@ CVE-2020-9431 (In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14,
 CVE-2020-9430 (In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the  ...)
 	- wireshark 3.2.2-1
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Can be fixed along in next DSA/update to 3.0)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	[jessie] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-04.html
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16368
@@ -48913,7 +48913,7 @@ CVE-2020-9430 (In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14,
 CVE-2020-9428 (In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the  ...)
 	- wireshark 3.2.2-1 (low)
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Can be fixed along in next DSA/update to 3.0)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	[jessie] - wireshark <not-affected> (Vulnerable code not present)
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2020-05.html
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16397
@@ -54485,7 +54485,7 @@ CVE-2020-7046 (lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3
 CVE-2020-7045 (In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. Thi ...)
 	- wireshark 3.2.0-1
 	[buster] - wireshark 2.6.20-0+deb10u1
-	[stretch] - wireshark <postponed> (Can be fixed along in next DSA/update to 3.0)
+	[stretch] - wireshark 2.6.20-0+deb9u1
 	[jessie] - wireshark <not-affected> (Doesn't support request-respone tracking in affected code passage, yet)
 	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16258
 	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=01f261de41f4dd3233ef578e5c0ffb9c25c7d14d