From 35fd2726a2243057e5ac8d53e8c49f0a3bc8b5ec Mon Sep 17 00:00:00 2001
From: Adrian Bunk <bunk@debian.org>
Date: Sun, 28 Nov 2021 14:20:48 +0200
Subject: Reserve DLA-2830-1 for tar

---
 data/CVE/2018.list  | 1 -
 data/DLA/list       | 3 +++
 data/dla-needed.txt | 2 --
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 1e185bb2cc..f58b388d48 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -2219,7 +2219,6 @@ CVE-2018-20483 (set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a
 CVE-2018-20482 (GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage ...)
 	{DLA-1623-1}
 	- tar 1.30+dfsg-3.1 (bug #917377)
-	[stretch] - tar <no-dsa> (Minor issue)
 	NOTE: https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug
 	NOTE: https://news.ycombinator.com/item?id=18745431
 	NOTE: https://twitter.com/thatcks/status/1076166645708668928
diff --git a/data/DLA/list b/data/DLA/list
index 7d65b0eddc..7f0c4a8cef 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[28 Nov 2021] DLA-2830-1 tar - security update
+	{CVE-2018-20482}
+	[stretch] - tar 1.29b-1.1+deb9u1
 [27 Nov 2021] DLA-2829-1 libvpx - security update
 	{CVE-2020-0034}
 	[stretch] - libvpx 1.6.1-3+deb9u3
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 3580b44bfe..4844507cfa 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -87,8 +87,6 @@ rustc (Roberto C. Sánchez)
 --
 samba (Anton)
 --
-tar (Adrian Bunk)
---
 thunderbird (Emilio)
   NOTE: 20211122: blocked on toolchain backports (pochu)
 --
-- 
cgit v1.2.3