author    Salvatore Bonaccorso <carnil@debian.org>  2019-09-07 14:25:18 +0200
committer Salvatore Bonaccorso <carnil@debian.org>  2019-09-07 14:25:18 +0200
commit    53e227fce32640dce1194f68051c2741e01fbdae
tree      caf002f9515c8e6d8dc737a7b904bd8736e1d843
parent    f043f6be8cd2dd182a34dc688df7c7000f1ebf0a
Review 9.10 changelog for accepted point release updates (stretch)
-rw-r--r--  data/CVE/list                          184
-rw-r--r--  data/next-oldstable-point-update.txt    189
2 files changed, 100 insertions, 273 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 452fc47ccf..3df1cb3ee9 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3702,7 +3702,7 @@ CVE-2019-12625 [clamav zip DoS]
RESERVED
- clamav 0.101.4+dfsg-1 (bug #934359)
[buster] - clamav 0.101.4+dfsg-0+deb10u1
- [stretch] - clamav <no-dsa> (ClamAV is updated via -updates)
+ [stretch] - clamav 0.101.4+dfsg-0+deb9u1
NOTE: https://www.openwall.com/lists/oss-security/2019/08/06/3
NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=12356
NOTE: Partially adressed already in 0.101.2+dfsg-3 but incomplete.
@@ -5636,6 +5636,7 @@ CVE-2019-14276
CVE-2019-14275 (Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arro ...)
- fig2dev 1:3.2.7a-7 (unimportant; bug #933075)
[buster] - fig2dev 1:3.2.7a-5+deb10u1
+ [stretch] - fig2dev 1:3.2.6a-2+deb9u2
- transfig <removed> (unimportant)
NOTE: https://sourceforge.net/p/mcj/tickets/52/
NOTE: Crash in CLI tool, no security impact, hardening build
@@ -7151,7 +7152,7 @@ CVE-2019-13616 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.
NOTE: sdl-image1.2: https://hg.libsdl.org/SDL_image/rev/a59bfe382008
CVE-2019-13615 (libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media ...)
- libebml 1.3.6-1 (low; bug #932241)
- [stretch] - libebml <no-dsa> (Minor issue)
+ [stretch] - libebml 1.3.4-1+deb9u1
[jessie] - libebml <no-dsa> (Minor issue)
NOTE: https://trac.videolan.org/vlc/ticket/22474
NOTE: Issue was originally reported to vlc project, but the underlying issue is
@@ -8274,7 +8275,7 @@ CVE-2019-13565 (An issue was discovered in OpenLDAP 2.x before 2.4.48. When usin
{DLA-1891-1}
- openldap 2.4.48+dfsg-1 (low; bug #932998)
[buster] - openldap 2.4.47+dfsg-3+deb10u1
- [stretch] - openldap <no-dsa> (Minor issue)
+ [stretch] - openldap 2.4.44+dfsg-5+deb9u3
NOTE: https://openldap.org/its/?findid=9052
CVE-2019-13564 (XSS exists in Ping Identity Agentless Integration Kit before 1.5. ...)
NOT-FOR-US: Ping Identity Agentless Integration Kit
@@ -8443,19 +8444,19 @@ CVE-2019-13486 (In Xymon through 4.3.28, a stack-based buffer overflow exists in
{DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon 4.3.28-5+deb10u1
- [stretch] - xymon <no-dsa> (Minor issue)
+ [stretch] - xymon 4.3.28-2+deb9u1
NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13485 (In Xymon through 4.3.28, a stack-based buffer overflow vulnerability e ...)
{DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon 4.3.28-5+deb10u1
- [stretch] - xymon <no-dsa> (Minor issue)
+ [stretch] - xymon 4.3.28-2+deb9u1
NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13484 (In Xymon through 4.3.28, a buffer overflow exists in the status-log vi ...)
{DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon 4.3.28-5+deb10u1
- [stretch] - xymon <no-dsa> (Minor issue)
+ [stretch] - xymon 4.3.28-2+deb9u1
NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13483 (Auth0 Passport-SharePoint before 0.4.0 does not validate the JWT signa ...)
NOT-FOR-US: Auth0 Passport-SharePoint
@@ -8534,7 +8535,7 @@ CVE-2019-13455 (In Xymon through 4.3.28, a stack-based buffer overflow vulnerabi
{DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon 4.3.28-5+deb10u1
- [stretch] - xymon <no-dsa> (Minor issue)
+ [stretch] - xymon 4.3.28-2+deb9u1
NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13454 (ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLay ...)
- imagemagick <unfixed> (bug #931740)
@@ -8552,13 +8553,13 @@ CVE-2019-13452 (In Xymon through 4.3.28, a buffer overflow vulnerability exists
{DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon 4.3.28-5+deb10u1
- [stretch] - xymon <no-dsa> (Minor issue)
+ [stretch] - xymon 4.3.28-2+deb9u1
NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13451 (In Xymon through 4.3.28, a buffer overflow vulnerability exists in his ...)
{DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon 4.3.28-5+deb10u1
- [stretch] - xymon <no-dsa> (Minor issue)
+ [stretch] - xymon 4.3.28-2+deb9u1
NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-XXXX [No grant table and foreign mapping limits]
- linux 5.2.6-1
@@ -9007,13 +9008,13 @@ CVE-2019-13274 (In Xymon through 4.3.28, an XSS vulnerability exists in the csvi
{DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon 4.3.28-5+deb10u1
- [stretch] - xymon <no-dsa> (Minor issue)
+ [stretch] - xymon 4.3.28-2+deb9u1
NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13273 (In Xymon through 4.3.28, a buffer overflow vulnerability exists in the ...)
{DLA-1898-1}
- xymon 4.3.29-1
[buster] - xymon 4.3.28-5+deb10u1
- [stretch] - xymon <no-dsa> (Minor issue)
+ [stretch] - xymon 4.3.28-2+deb9u1
NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13272 (In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mish ...)
{DSA-4484-1 DLA-1863-1 DLA-1862-1}
@@ -9107,6 +9108,7 @@ CVE-2019-13232 (Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a
{DLA-1846-1}
- unzip 6.0-24 (unimportant; bug #931433)
[buster] - unzip 6.0-23+deb10u1
+ [jessie] - unzip 6.0-21+deb9u2
NOTE: https://www.bamsoftware.com/hacks/zipbomb/
NOTE: Fixed by: https://github.com/madler/unzip/commit/47b3ceae397d21bf822bc2ac73052a4b1daf8e1c
NOTE: Fix depends on: https://github.com/madler/unzip/commit/41beb477c5744bc396fa1162ee0c14218ec12213
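Review bot: the suite tag on the added line does not match its version suffix: `+ [jessie] - unzip 6.0-21+deb9u2` files a `+deb9u2` (stretch) revision under `[jessie]`. Every other line added in this commit pairs `[stretch]` with a `+deb9u` version, and the existing `[jessie]` entries in this file carry `+deb8u` versions (e.g. `[jessie] - libsdl2-image 2.0.0+dfsg-3+deb8u2`), so this should read `[stretch] - unzip 6.0-21+deb9u2`, in line with the stretch point-release review named in the commit message. As written, the tracker would keep reporting stretch as unfixed for CVE-2019-13232 and would record a deb9 version against jessie.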
@@ -9431,7 +9433,7 @@ CVE-2019-13118 (In numbers.c in libxslt 1.1.33, a type holding grouping characte
{DLA-1860-1}
- libxslt 1.1.32-2.1 (low; bug #931320; bug #933743)
[buster] - libxslt 1.1.32-2.1~deb10u1
- [stretch] - libxslt <no-dsa> (Minor issue)
+ [stretch] - libxslt 1.1.29-2.1+deb9u1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069
NOTE: https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b
NOTE: https://oss-fuzz.com/testcase-detail/5197371471822848
@@ -9439,7 +9441,7 @@ CVE-2019-13117 (In numbers.c in libxslt 1.1.33, an xsl:number with certain forma
{DLA-1860-1}
- libxslt 1.1.32-2.1 (low; bug #931321; bug #933743)
[buster] - libxslt 1.1.32-2.1~deb10u1
- [stretch] - libxslt <no-dsa> (Minor issue)
+ [stretch] - libxslt 1.1.29-2.1+deb9u1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471
NOTE: https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1
NOTE: https://oss-fuzz.com/testcase-detail/5631739747106816
@@ -9632,7 +9634,7 @@ CVE-2019-13057 (An issue was discovered in the server in OpenLDAP before 2.4.48.
{DLA-1891-1}
- openldap 2.4.48+dfsg-1 (low; bug #932997)
[buster] - openldap 2.4.47+dfsg-3+deb10u1
- [stretch] - openldap <no-dsa> (Minor issue)
+ [stretch] - openldap 2.4.44+dfsg-5+deb9u3
NOTE: https://openldap.org/its/?findid=9038
CVE-2019-13056 (An issue was discovered in CyberPanel through 1.8.4. On the user edit ...)
NOT-FOR-US: CyberPanel
@@ -9908,7 +9910,7 @@ CVE-2018-20844
CVE-2019-13031 (LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue whe ...)
{DLA-1844-1}
- lemonldap-ng 2.0.0+ds-1 (bug #931117)
- [stretch] - lemonldap-ng <no-dsa> (Minor issue, can be fixed via point release, notification server not enabled by default)
+ [stretch] - lemonldap-ng 1.9.7-3+deb9u2
NOTE: Upstream issue: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1820
NOTE: Issue explained in: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1818
NOTE: 2.0.0 upstream replaced the (old) feature with a new REST/JSON service, and
@@ -10074,7 +10076,7 @@ CVE-2019-12900 (BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out
[stretch] - bzip2 <no-dsa> (Not exploitable; potential dangerous parts already guarded)
- clamav 0.101.4+dfsg-1 (bug #934359)
[buster] - clamav 0.101.4+dfsg-0+deb10u1
- [stretch] - clamav <no-dsa> (ClamAV is updated via -updates)
+ [stretch] - clamav 0.101.4+dfsg-0+deb9u1
NOTE: https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
NOTE: The original fix introduces regressions when extracting certain lbzip2 files
NOTE: which were created with a buggy libzip2: https://bugs.debian.org/931278
@@ -11219,14 +11221,14 @@ CVE-2019-13012 (The keyfile settings backend in GNOME GLib (aka glib2.0) before
[experimental] - glib2.0 2.60.0-1
- glib2.0 2.60.5-1 (bug #931234)
[buster] - glib2.0 2.58.3-2+deb10u1
- [stretch] - glib2.0 <no-dsa> (Minor issue)
+ [stretch] - glib2.0 2.50.3-2+deb9u1
NOTE: https://gitlab.gnome.org/GNOME/glib/issues/1658
NOTE: https://gitlab.gnome.org/GNOME/glib/merge_requests/450
NOTE: https://gitlab.gnome.org/GNOME/glib/commit/5e4da714f00f6bfb2ccd6d73d61329c6f3a08429
CVE-2019-12450 (file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 ...)
{DLA-1826-1}
- glib2.0 2.58.3-2 (bug #929753)
- [stretch] - glib2.0 <no-dsa> (Minor issue)
+ [stretch] - glib2.0 2.50.3-2+deb9u1
NOTE: https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174
CVE-2019-12449 (An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gv ...)
- gvfs 1.38.1-4 (bug #929755)
@@ -11824,70 +11826,70 @@ CVE-2019-12222 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer
{DLA-1865-1 DLA-1861-1}
- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
- [stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- sdl-image1.2 1.2.12-11 (bug #932755)
[buster] - sdl-image1.2 1.2.12-10+deb10u1
- [stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [stretch] - sdl-image1.2 1.2.12-5+deb9u2
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4621
NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12221 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
{DLA-1865-1 DLA-1861-1}
- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
- [stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- sdl-image1.2 1.2.12-11 (bug #932755)
[buster] - sdl-image1.2 1.2.12-10+deb10u1
- [stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [stretch] - sdl-image1.2 1.2.12-5+deb9u2
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4628
NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12220 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
{DLA-1865-1 DLA-1861-1}
- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
- [stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- sdl-image1.2 1.2.12-11 (bug #932755)
[buster] - sdl-image1.2 1.2.12-10+deb10u1
- [stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [stretch] - sdl-image1.2 1.2.12-5+deb9u2
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4627
NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12219 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
{DLA-1865-1 DLA-1861-1}
- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
- [stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- sdl-image1.2 1.2.12-11 (bug #932755)
[buster] - sdl-image1.2 1.2.12-10+deb10u1
- [stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [stretch] - sdl-image1.2 1.2.12-5+deb9u2
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4625
NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12218 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
{DLA-1865-1 DLA-1861-1}
- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
- [stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- sdl-image1.2 1.2.12-11 (bug #932755)
[buster] - sdl-image1.2 1.2.12-10+deb10u1
- [stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [stretch] - sdl-image1.2 1.2.12-5+deb9u2
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4620
NOTE: https://hg.libsdl.org/SDL_image/rev/7453e79c8cdb
CVE-2019-12217 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
{DLA-1865-1 DLA-1861-1}
- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
- [stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- sdl-image1.2 1.2.12-11 (bug #932755)
[buster] - sdl-image1.2 1.2.12-10+deb10u1
- [stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [stretch] - sdl-image1.2 1.2.12-5+deb9u2
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4626
NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12216 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
{DLA-1865-1 DLA-1861-1}
- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
- [stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- sdl-image1.2 1.2.12-11 (bug #932755)
[buster] - sdl-image1.2 1.2.12-10+deb10u1
- [stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [stretch] - sdl-image1.2 1.2.12-5+deb9u2
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4619
NOTE: https://hg.libsdl.org/SDL_image/rev/7453e79c8cdb
CVE-2019-12215 (** DISPUTED ** A full path disclosure vulnerability was discovered in ...)
@@ -12151,30 +12153,30 @@ CVE-2019-12111 (A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through
CVE-2019-12110 (An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnP ...)
{DLA-1811-1}
- miniupnpd 2.1-6 (bug #930050)
- [stretch] - miniupnpd <no-dsa> (Minor issue)
+ [stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
NOTE: https://github.com/miniupnp/miniupnp/commit/f321c2066b96d18afa5158dfa2d2873a2957ef38
CVE-2019-12109 (A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 ex ...)
{DLA-1811-1}
- miniupnpd 2.1-6 (bug #930050)
- [stretch] - miniupnpd <no-dsa> (Minor issue)
+ [stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
NOTE: https://github.com/miniupnp/miniupnp/commit/13585f15c7f7dc28bbbba1661efb280d530d114c
NOTE: https://github.com/miniupnp/miniupnp/commit/86030db849260dd8fb2ed975b9890aef1b62b692
CVE-2019-12108 (A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 ex ...)
{DLA-1811-1}
- miniupnpd 2.1-6 (bug #930050)
- [stretch] - miniupnpd <no-dsa> (Minor issue)
+ [stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
NOTE: https://github.com/miniupnp/miniupnp/commit/13585f15c7f7dc28bbbba1661efb280d530d114c
NOTE: https://github.com/miniupnp/miniupnp/commit/86030db849260dd8fb2ed975b9890aef1b62b692
CVE-2019-12107 (The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd ...)
{DLA-1811-1}
- miniupnpd 2.1-6 (bug #930050)
- [stretch] - miniupnpd <no-dsa> (Minor issue)
+ [stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
NOTE: https://github.com/miniupnp/miniupnp/commit/bec6ccec63cadc95655721bc0e1dd49dac759d94
TODO: check, might affect minidlna
CVE-2019-12106 (The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and ...)
{DLA-1805-1}
- minissdpd 1.5.20190210-1 (bug #929297)
- [stretch] - minissdpd <no-dsa> (Minor issue)
+ [stretch] - minissdpd 1.2.20130907-4.1+deb9u1
NOTE: https://github.com/miniupnp/miniupnp/commit/cd506a67e174a45c6a202eff182a712955ed6d6f
CVE-2019-12105
RESERVED
@@ -13446,7 +13448,7 @@ CVE-2019-11645
CVE-2019-11675 (The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ...)
- groonga 9.0.1-2 (bug #928304)
[buster] - groonga 9.0.0-1+deb10u1
- [stretch] - groonga <no-dsa> (Minor issue, can be fixed via point release)
+ [stretch] - groonga 6.1.5-1+deb9u1
CVE-2019-11644 (In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F- ...)
NOT-FOR-US: F-Secure
CVE-2019-11643 (Persistent XSS has been found in the OneShield Policy (Dragon Core) fr ...)
@@ -13574,7 +13576,7 @@ CVE-2015-9286 (Controllers.outgoing in controllers/index.js in NodeBB before 0.7
CVE-2019-11627 (gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an un ...)
{DLA-1773-1}
- signing-party 2.10-1 (bug #928256)
- [stretch] - signing-party <no-dsa> (Will be fixed via point release)
+ [stretch] - signing-party 2.5-1+deb9u1
NOTE: https://salsa.debian.org/signing-party-team/signing-party/commit/cd69b6c0426a6160ef3de03fce9c7f112166d5a8
CVE-2019-11599 (The coredump implementation in the Linux kernel before 5.0.10 does not ...)
{DSA-4465-1 DLA-1824-1 DLA-1799-1}
@@ -14680,7 +14682,7 @@ CVE-2019-11187 (Incorrect Access Control in the LDAP class of GONICUS GOsa throu
{DLA-1876-1 DLA-1875-1}
- fusiondirectory 1.2.3-5
[buster] - fusiondirectory 1.2.3-4+deb10u1
- [stretch] - fusiondirectory <no-dsa> (Minor issue)
+ [stretch] - fusiondirectory 1.0.19-1+deb9u1
- gosa 2.7.4+reloaded3-9
[buster] - gosa 2.7.4+reloaded3-8+deb10u1
[stretch] - gosa <no-dsa> (Minor issue)
@@ -14943,7 +14945,7 @@ CVE-2019-11068 (libxslt through 1.1.33 allows bypass of a protection mechanism b
{DLA-1756-1}
- libxslt 1.1.32-2.1 (bug #926895; bug #933743)
[buster] - libxslt 1.1.32-2.1~deb10u1
- [stretch] - libxslt <no-dsa> (Minor issue)
+ [stretch] - libxslt 1.1.29-2.1+deb9u1
NOTE: https://gitlab.gnome.org/GNOME/libxslt/issues/12
NOTE: https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
CVE-2006-7254 (The nscd daemon in the GNU C Library (glibc) before version 2.5 does n ...)
@@ -15052,7 +15054,7 @@ CVE-2019-11039 (Function iconv_mime_decode_headers() in PHP versions 7.1.x below
CVE-2019-11038 (When using the gdImageCreateFromXbm() function in the GD Graphics Libr ...)
{DLA-1817-1}
- libgd2 2.2.5-5.2 (low; bug #929821)
- [stretch] - libgd2 <no-dsa> (Minor issue)
+ [stretch] - libgd2 2.2.4-2+deb9u5
- php7.3 7.3.6-1 (unimportant)
- php7.0 <removed> (unimportant)
- php5 <removed> (unimportant)
@@ -16919,6 +16921,7 @@ CVE-2019-10277 (Jenkins StarTeam Plugin stores credentials unencrypted in job co
NOT-FOR-US: Jenkins StarTeam Plugin
CVE-2019-XXXX [insecure handling of /tmp/VMwareDnD]
- open-vm-tools 2:10.3.10-1 (bug #925959; unimportant)
+ [stretch] - open-vm-tools 2:10.1.5-5055683-4+deb9u2
NOTE: https://github.com/vmware/open-vm-tools/commit/e88f91b00a715b79255de6576506d80ecfdb064c
NOTE: Neutralised by kernel hardening
CVE-2019-10276 (Western Bridge Cobub Razor 0.8.0 has a file upload vulnerability via t ...)
@@ -17385,7 +17388,7 @@ CVE-2019-10154 (A flaw was found in Moodle before versions 3.7, 3.6.4. A web ser
- moodle <removed>
CVE-2019-10153 (A flaw was discovered in fence-agents, prior to version 4.3.4, where u ...)
- fence-agents 4.3.3-2 (low; bug #930887)
- [stretch] - fence-agents <no-dsa> (Minor issue)
+ [stretch] - fence-agents 4.0.25-1+deb9u1
[jessie] - fence-agents <not-affected> (Vulnerable code introduced later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1670460
NOTE: https://github.com/ClusterLabs/fence-agents/pull/255
@@ -18943,7 +18946,7 @@ CVE-2019-1010005 (HexoEditor v1.1.8-beta is affected by: XSS to code execution.
CVE-2019-1010004 (SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds ...)
{DLA-1695-1 DLA-1197-1}
- sox 14.4.2-2 (bug #881121)
- [stretch] - sox <no-dsa> (Minor issue)
+ [stretch] - sox 14.4.1-5+deb9u2
NOTE: https://github.com/mansr/sox/commit/7a8ceb86212b28243bbb6d0de636f0dfbe833e53
CVE-2019-1010003 (Leanote prior to version 2.6 is affected by: Cross Site Scripting (XSS ...)
NOT-FOR-US: Leanote
@@ -19969,7 +19972,7 @@ CVE-2019-9579
RESERVED
CVE-2019-9578 (In devs.c in Yubico libu2f-host before 1.1.8, the response to init is ...)
- libu2f-host 1.1.9-1 (low; bug #923874)
- [stretch] - libu2f-host <no-dsa> (Minor issue)
+ [stretch] - libu2f-host 1.1.2-2+deb9u2
NOTE: https://github.com/Yubico/libu2f-host/commit/e4bb58cc8b6202a421e65f8230217d8ae6e16eb5
CVE-2019-9577
RESERVED
@@ -21645,7 +21648,7 @@ CVE-2018-20783 (In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, an
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77143
CVE-2018-1002161 [SQL injection in multiple remote calls]
- koji 1.16.2-1 (bug #922922)
- [stretch] - koji <no-dsa> (Will be fixed via point release)
+ [stretch] - koji 1.10.0-1+deb9u1
NOTE: https://docs.pagure.org/koji/CVE-2018-1002161/
NOTE: https://pagure.io/koji/issue/1183
CVE-2019-8980 (A memory leak in the kernel_read_file function in fs/exec.c in the Lin ...)
@@ -22301,7 +22304,7 @@ CVE-2019-8696 [stack-buffer-overflow in libcups's asn1_get_packed function]
{DLA-1893-1}
- cups 2.2.12-1 (bug #934957)
[buster] - cups 2.2.10-6+deb10u1
- [stretch] - cups <no-dsa> (Minor issue, can be fixed via point release)
+ [stretch] - cups 2.2.1-8+deb9u4
NOTE: https://github.com/apple/cups/commit/f24e6cf6a39300ad0c3726a41a4aab51ad54c109
CVE-2019-8695
RESERVED
@@ -22361,7 +22364,7 @@ CVE-2019-8675 [stack-buffer-overflow in libcups's asn1_get_type function]
{DLA-1893-1}
- cups 2.2.12-1 (bug #934957)
[buster] - cups 2.2.10-6+deb10u1
- [stretch] - cups <no-dsa> (Minor issue, can be fixed via point release)
+ [stretch] - cups 2.2.1-8+deb9u4
NOTE: https://github.com/apple/cups/commit/f24e6cf6a39300ad0c3726a41a4aab51ad54c109
CVE-2019-8674
RESERVED
@@ -23180,21 +23183,25 @@ CVE-2019-8358 (In Hiawatha before 10.8.4, a remote attacker is able to do direct
CVE-2019-8357 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...)
{DLA-1808-1}
- sox 14.4.2+git20190427-1 (low; bug #927906)
+ [stretch] - sox 14.4.1-5+deb9u2
NOTE: https://sourceforge.net/p/sox/bugs/318
NOTE: https://sourceforge.net/p/sox/code/ci/2ce02fea7b350de9ddfbcf542ba4dd59a8ab255b/
CVE-2019-8356 (An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 ...)
{DLA-1808-1}
- sox 14.4.2+git20190427-1 (bug #927906)
+ [stretch] - sox 14.4.1-5+deb9u2
NOTE: https://sourceforge.net/p/sox/bugs/321
NOTE: https://sourceforge.net/p/sox/code/ci/b7883ae1398499daaa926ae6621f088f0f531ed8/
CVE-2019-8355 (An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integ ...)
{DLA-1808-1}
- sox 14.4.2+git20190427-1 (bug #927906)
+ [stretch] - sox 14.4.1-5+deb9u2
NOTE: https://sourceforge.net/p/sox/bugs/320
NOTE: https://sourceforge.net/p/sox/code/ci/f8587e2d50dad72d40453ac1191c539ee9e50381/
CVE-2019-8354 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c ...)
{DLA-1808-1}
- sox 14.4.2+git20190427-1 (bug #927906)
+ [stretch] - sox 14.4.1-5+deb9u2
NOTE: https://sourceforge.net/p/sox/bugs/319
NOTE: https://sourceforge.net/p/sox/code/ci/f70911261a84333b077c29908e1242f69d7439eb
CVE-2019-8353
@@ -24731,7 +24738,7 @@ CVE-2019-7660 (An issue was discovered in PHPMyWind 5.5. The username parameter
CVE-2019-7659 (Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause ...)
{DLA-1681-1}
- gsoap 2.8.75-1
- [stretch] - gsoap <no-dsa> (Minor issue)
+ [stretch] - gsoap 2.8.35-4+deb9u2
- r-other-x4r 1.0.1+git20150806.c6bd9bd-2
NOTE: https://www.genivia.com/advisory.html#Bug_in_gSOAP_versions_2.7.0_to_2.8.74_for_applications_built_with_the_WITH_COOKIES_flag_enabled_
NOTE: https://lists.debian.org/debian-lts/2019/02/msg00131.html
@@ -24825,10 +24832,10 @@ CVE-2019-7635 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0
[stretch] - libsdl2 <no-dsa> (Minor issue)
- sdl-image1.2 1.2.12-11 (bug #932755)
[buster] - sdl-image1.2 1.2.12-10+deb10u1
- [stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [stretch] - sdl-image1.2 1.2.12-5+deb9u2
- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
- [stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4498
NOTE: https://hg.libsdl.org/SDL/rev/7c643f1c1887 (SDL-2)
NOTE: https://hg.libsdl.org/SDL/rev/08f3b4992538 (SDL-1.2) (correct)
@@ -27977,7 +27984,7 @@ CVE-2019-6439 (examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL thr
NOTE: Issue only in example code
CVE-2019-6438 (SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bi ...)
- slurm-llnl 18.08.5.2-1 (low; bug #920997)
- [stretch] - slurm-llnl <no-dsa> (Minor issue)
+ [stretch] - slurm-llnl 16.05.9-1+deb9u3
[jessie] - slurm-llnl <no-dsa> (Minor issue)
NOTE: https://www.schedmd.com/news.php?id=213
NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2019/000018.html
@@ -31393,11 +31400,11 @@ CVE-2019-5059 (An exploitable code execution vulnerability exists in the XPM ima
CVE-2019-5058 (An exploitable code execution vulnerability exists in the XCF image re ...)
- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
- [stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
[jessie] - libsdl2-image 2.0.0+dfsg-3+deb8u2
- sdl-image1.2 1.2.12-11 (bug #932755)
[buster] - sdl-image1.2 1.2.12-10+deb10u1
- [stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [stretch] - sdl-image1.2 1.2.12-5+deb9u2
[jessie] - sdl-image1.2 1.2.12-5+deb8u2
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0842
NOTE: https://hg.libsdl.org/SDL_image/rev/b1a80aec2b10
@@ -31405,11 +31412,11 @@ CVE-2019-5058 (An exploitable code execution vulnerability exists in the XCF ima
CVE-2019-5057 (An exploitable code execution vulnerability exists in the PCX image-re ...)
- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
- [stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
[jessie] - libsdl2-image <no-dsa> (Minor issue)
- sdl-image1.2 <unfixed> (bug #932755)
[buster] - sdl-image1.2 1.2.12-10+deb10u1
- [stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [stretch] - sdl-image1.2 1.2.12-5+deb9u2
[jessie] - sdl-image1.2 <no-dsa> (Minor issue)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0841
NOTE: https://hg.libsdl.org/SDL_image/rev/7453e79c8cdb
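Review bot: for CVE-2019-5057 the unstable entry still reads `- sdl-image1.2 <unfixed> (bug #932755)` while this hunk marks stretch fixed in `1.2.12-5+deb9u2`; the neighbouring CVE-2019-5058 entry lists sid fixed in `1.2.12-11` against the same bug number. If the stretch update really carries the fix for this CVE, the sid line should be updated to the fixing version (or the stretch line left as `<no-dsa>` until it is), otherwise stretch is recorded as fixed ahead of unstable for this issue.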
@@ -31425,20 +31432,20 @@ CVE-2019-5052 (An exploitable integer overflow vulnerability exists when loading
{DLA-1865-1 DLA-1861-1}
- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
- [stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- sdl-image1.2 1.2.12-11 (bug #932755)
[buster] - sdl-image1.2 1.2.12-10+deb10u1
- [stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [stretch] - sdl-image1.2 1.2.12-5+deb9u2
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0821
NOTE: https://hg.libsdl.org/SDL_image/rev/b920be2b3fc6
CVE-2019-5051 (An exploitable heap-based buffer overflow vulnerability exists when lo ...)
{DLA-1865-1 DLA-1861-1}
- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
- [stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- sdl-image1.2 1.2.12-11 (bug #932755)
[buster] - sdl-image1.2 1.2.12-10+deb10u1
- [stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [stretch] - sdl-image1.2 1.2.12-5+deb9u2
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0820
NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-5050
@@ -35391,12 +35398,13 @@ CVE-2018-20550
CVE-2018-20549 (There is an illegal WRITE memory access at caca/file.c (function caca_ ...)
{DLA-1631-1}
- libcaca 0.99.beta19-2.1 (low; bug #917807)
- [stretch] - libcaca <no-dsa> (Minor issue)
+ [stretch] - libcaca 0.99.beta19-2.1~deb9u1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652628
NOTE: https://github.com/cacalabs/libcaca/issues/41
NOTE: Fixed by: https://github.com/cacalabs/libcaca/commit/3e52dabe3e64dc50f4422effe364a1457a8a8592
CVE-2018-20548 (There is an illegal WRITE memory access at common-image.c (function lo ...)
- libcaca 0.99.beta19-2.1 (unimportant; bug #917807)
+ [stretch] - libcaca 0.99.beta19-2.1~deb9u1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652625
NOTE: https://github.com/cacalabs/libcaca/issues/40
NOTE: Upstream fix: https://github.com/cacalabs/libcaca/commit/f6c61faa26b3e150c3daf514589afa737f42f152
@@ -35405,19 +35413,20 @@ CVE-2018-20548 (There is an illegal WRITE memory access at common-image.c (funct
CVE-2018-20547 (There is an illegal READ memory access at caca/dither.c (function get_ ...)
{DLA-1631-1}
- libcaca 0.99.beta19-2.1 (low; bug #917807)
- [stretch] - libcaca <no-dsa> (Minor issue)
+ [stretch] - libcaca 0.99.beta19-2.1~deb9u1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652624
NOTE: https://github.com/cacalabs/libcaca/issues/39
NOTE: Fixed by: https://github.com/cacalabs/libcaca/commit/02a09ec9e5ed8981e7a810bfb6a0172dc24f0790
CVE-2018-20546 (There is an illegal READ memory access at caca/dither.c (function get_ ...)
{DLA-1631-1}
- libcaca 0.99.beta19-2.1 (low; bug #917807)
- [stretch] - libcaca <no-dsa> (Minor issue)
+ [stretch] - libcaca 0.99.beta19-2.1~deb9u1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652622
NOTE: https://github.com/cacalabs/libcaca/issues/38
NOTE: Fixed by: https://github.com/cacalabs/libcaca/commit/02a09ec9e5ed8981e7a810bfb6a0172dc24f0790
CVE-2018-20545 (There is an illegal WRITE memory access at common-image.c (function lo ...)
- libcaca 0.99.beta19-2.1 (unimportant; bug #917807)
+ [stretch] - libcaca 0.99.beta19-2.1~deb9u1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652621
NOTE: https://github.com/cacalabs/libcaca/issues/37
NOTE: Upstream fix: https://github.com/cacalabs/libcaca/commit/f6c61faa26b3e150c3daf514589afa737f42f152
@@ -35426,7 +35435,7 @@ CVE-2018-20545 (There is an illegal WRITE memory access at common-image.c (funct
CVE-2018-20544 (There is floating point exception at caca/dither.c (function caca_dith ...)
{DLA-1631-1}
- libcaca 0.99.beta19-2.1 (low; bug #917807)
- [stretch] - libcaca <no-dsa> (Minor issue)
+ [stretch] - libcaca 0.99.beta19-2.1~deb9u1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652627
NOTE: https://github.com/cacalabs/libcaca/issues/36
NOTE: Upstream fix: https://github.com/cacalabs/libcaca/commit/84bd155087b93ab2d8d7cb5b1ac94ecd4cf4f93c
@@ -38011,6 +38020,7 @@ CVE-2019-2805 (Vulnerability in the MySQL Server component of Oracle MySQL (subc
- mariadb-10.3 1:10.3.17-1
[buster] - mariadb-10.3 1:10.3.17-0+deb10u1
- mariadb-10.1 <removed>
+ [stretch] - mariadb-10.1 10.1.41-0+deb9u1
- mysql-5.7 <unfixed> (bug #932340)
NOTE: Fixed in MariaDB: 10.3.17, 10.1.41
NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
@@ -38173,6 +38183,7 @@ CVE-2019-2740 (Vulnerability in the MySQL Server component of Oracle MySQL (subc
- mariadb-10.3 1:10.3.17-1
[buster] - mariadb-10.3 1:10.3.17-0+deb10u1
- mariadb-10.1 <removed>
+ [stretch] - mariadb-10.1 10.1.41-0+deb9u1
- mysql-5.7 <unfixed> (bug #932340)
NOTE: Fixed in MariaDB: 10.3.17, 10.1.41
NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
@@ -38180,6 +38191,7 @@ CVE-2019-2739 (Vulnerability in the MySQL Server component of Oracle MySQL (subc
- mariadb-10.3 1:10.3.17-1
[buster] - mariadb-10.3 1:10.3.17-0+deb10u1
- mariadb-10.1 <removed>
+ [stretch] - mariadb-10.1 10.1.41-0+deb9u1
- mysql-5.7 <unfixed> (bug #932340)
NOTE: Fixed in MariaDB: 10.3.17, 10.1.41
NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
@@ -38190,6 +38202,7 @@ CVE-2019-2737 (Vulnerability in the MySQL Server component of Oracle MySQL (subc
- mariadb-10.3 1:10.3.17-1
[buster] - mariadb-10.3 1:10.3.17-0+deb10u1
- mariadb-10.1 <removed>
+ [stretch] - mariadb-10.1 10.1.41-0+deb9u1
- mysql-5.7 <unfixed> (bug #932340)
NOTE: Fixed in MariaDB: 10.3.17, 10.1.41
NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
@@ -38439,7 +38452,7 @@ CVE-2019-2628 (Vulnerability in the MySQL Server component of Oracle MySQL (subc
CVE-2019-2627 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mariadb-10.3 1:10.3.15-1 (bug #928393)
- mariadb-10.1 <removed>
- [stretch] - mariadb-10.1 <no-dsa> (Minor issue)
+ [stretch] - mariadb-10.1 10.1.41-0+deb9u1
- mariadb-10.0 <removed>
[jessie] - mariadb-10.0 <postponed> (Minor issue)
- mysql-5.7 5.7.26-1 (bug #927308)
@@ -38472,7 +38485,7 @@ CVE-2019-2615 (Vulnerability in the Oracle WebLogic Server component of Oracle F
CVE-2019-2614 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
- mariadb-10.3 1:10.3.15-1 (bug #928393)
- mariadb-10.1 <removed>
- [stretch] - mariadb-10.1 <no-dsa> (Minor issue)
+ [stretch] - mariadb-10.1 10.1.41-0+deb9u1
- mariadb-10.0 <removed>
[jessie] - mariadb-10.0 <postponed> (Minor issue)
- mysql-5.7 5.7.26-1 (bug #927308)
@@ -46663,7 +46676,7 @@ CVE-2018-19106 (Avi Vantage before 17.2.13 uses an invalid URL encoding during a
CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of service (0 ...)
{DLA-1776-1}
- librecad 2.1.3-1.2 (bug #928477)
- [stretch] - librecad <no-dsa> (Minor issue)
+ [stretch] - librecad 2.1.2-1+deb9u1
NOTE: https://code610.blogspot.com/2018/11/crashing-librecad-213.html
NOTE: https://github.com/LibreCAD/LibreCAD/issues/1038
NOTE: Fixed by https://github.com/LibreCAD/LibreCAD/commit/6da7cc5f7f31afb008f03dbd11e07207ccd82085
@@ -47563,6 +47576,7 @@ CVE-2018-18719
CVE-2018-18718 (An issue was discovered in gThumb through 3.6.2. There is a double-fre ...)
{DLA-1567-1}
- gthumb 3:3.6.2-2 (unimportant; bug #912290)
+ [stretch] - gthumb 3:3.4.4.1-5+deb9u1
NOTE: https://gitlab.gnome.org/GNOME/gthumb/issues/18
NOTE: https://gitlab.gnome.org/GNOME/gthumb/commit/06c39346fda502bd37429006d4822dd977995661 (master)
NOTE: https://gitlab.gnome.org/GNOME/gthumb/commit/f3edf6952757f887569e8c26cf18d40409f3fdca (3.6)
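Review bot: the `unimportant` rating on the unstable line is kept while a stretch fixed version is added; that is fine for a point-release update, which is not a security upload, but it leaves the reader wondering why an unimportant issue warranted a stable upload. Either revisit the rating or add a NOTE stating the reason it went in via the point release, the way the tenshi entry later in this diff does with its "Negligible security impact" note. The `3:` epoch is carried over from the unstable version, which is correct, and `{DLA-1567-1}` already covers jessie, so nothing else is needed here.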
@@ -53746,7 +53760,7 @@ CVE-2018-16430 (GNU Libextractor through 1.7 has an out-of-bounds read vulnerabi
CVE-2018-16429 (GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_ ...)
{DLA-1866-1}
- glib2.0 2.58.0-1 (low)
- [stretch] - glib2.0 <no-dsa> (Minor issue)
+ [stretch] - glib2.0 2.50.3-2+deb9u1
NOTE: https://gitlab.gnome.org/GNOME/glib/commit/cec71705406f0b2790422f0c1aa0ff3b4b464b1b
NOTE: https://gitlab.gnome.org/GNOME/glib/issues/1361
CVE-2018-16428 (In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c ...)
@@ -57758,11 +57772,11 @@ CVE-2018-14781 (Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm
NOT-FOR-US: Medtronic
CVE-2018-14780 (An out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 sma ...)
- yubico-piv-tool 1.6.1-1 (low; bug #906128)
- [stretch] - yubico-piv-tool <no-dsa> (Minor issue)
+ [stretch] - yubico-piv-tool 1.4.2-2+deb9u1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-001-Yubico-Piv/
CVE-2018-14779 (A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartca ...)
- yubico-piv-tool 1.6.1-1 (low; bug #906128)
- [stretch] - yubico-piv-tool <no-dsa> (Minor issue)
+ [stretch] - yubico-piv-tool 1.4.2-2+deb9u1
NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-001-Yubico-Piv/
CVE-2018-14778
RESERVED
@@ -79015,7 +79029,7 @@ CVE-2018-7050 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.
CVE-2017-18189 (In the startread function in xa.c in Sound eXchange (SoX) through 14.4 ...)
{DLA-1695-1 DLA-1197-1}
- sox 14.4.2-2 (bug #881121)
- [stretch] - sox <no-dsa> (Minor issue)
+ [stretch] - sox 14.4.1-5+deb9u2
NOTE: https://github.com/mansr/sox/commit/7a8ceb86212b28243bbb6d0de636f0dfbe833e53
CVE-2018-7049 (An issue was discovered in Wowza Streaming Engine before 4.7.1. There ...)
NOT-FOR-US: Wowza Streaming Engine
@@ -81168,7 +81182,7 @@ CVE-2016-10711 (Apsis Pound before 2.8a allows request smuggling via crafted hea
{DLA-1280-1}
[experimental] - pound 2.8-1+patrodyne20190113
- pound 2.8-2 (bug #888786)
- [stretch] - pound <no-dsa> (Minor issue)
+ [stretch] - pound 2.7-1.3+deb9u1
[jessie] - pound <no-dsa> (Minor issue)
NOTE: http://www.apsis.ch/pound/pound_list/archive/2016/2016-10/1477235279000
NOTE: https://www.suse.com/de-de/security/cve/CVE-2016-10711/
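Review bot: with `{DLA-1280-1}` on the entry, the remaining `[jessie] - pound <no-dsa> (Minor issue)` line looks stale and now contradicts the advisory marker; consider dropping it in the same pass in which the stretch line is updated. The stretch change itself (`<no-dsa>` to `2.7-1.3+deb9u1`) is the expected form for a point-release fix. The NOTE references are a plain-http list archive post and a SUSE page; a link to the actual upstream fix would help anyone verifying the backport.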
@@ -87860,9 +87874,9 @@ CVE-2018-3978 (An exploitable out-of-bounds write vulnerability exists in the Wo
CVE-2018-3977 (An exploitable code execution vulnerability exists in the XCF image re ...)
{DLA-1865-1 DLA-1861-1}
- libsdl2-image 2.0.3+dfsg1-3 (bug #912617)
- [stretch] - libsdl2-image <no-dsa> (Minor issue)
+ [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- sdl-image1.2 1.2.12-10 (bug #912618)
- [stretch] - sdl-image1.2 <no-dsa> (Minor issue)
+ [stretch] - sdl-image1.2 1.2.12-5+deb9u2
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2018-0645
NOTE: https://hg.libsdl.org/SDL_image/rev/170d7d32e4a8
NOTE: follow-up fix (TALOS-2019-0842): https://hg.libsdl.org/SDL_image/rev/b1a80aec2b10
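Review bot: the entry's own NOTE records a follow-up fix (TALOS-2019-0842, hg rev b1a80aec2b10) on top of the original commit 170d7d32e4a8; recording `libsdl2-image 2.0.1+dfsg-2+deb9u2` and `sdl-image1.2 1.2.12-5+deb9u2` as fixed implies both stretch uploads carry both changes. If only the first commit was backported, the follow-up should be tracked explicitly rather than implicitly closed by this hunk.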
@@ -95794,7 +95808,7 @@ CVE-2018-1321 (An administrator with report and template entitlements in Apache
CVE-2018-1320 (Apache Thrift Java client library versions 0.5.0 through 0.11.0 can by ...)
{DLA-1662-1}
- libthrift-java 0.9.1-2.1 (bug #918736)
- [stretch] - libthrift-java <no-dsa> (Minor issue)
+ [stretch] - libthrift-java 0.9.1-2.1~deb9u1
NOTE: https://issues.apache.org/jira/browse/THRIFT-4506
NOTE: https://github.com/apache/thrift/commit/d973409661f820d80d72c0034d06a12348c8705e
CVE-2018-1319 (In Apache Allura prior to 1.8.1, attackers may craft URLs that cause H ...)
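Review bot: the stretch version `0.9.1-2.1~deb9u1` is the unstable fix `0.9.1-2.1` with a `~deb9u1` suffix, i.e. the sid package rebuilt for stretch rather than a patched stretch revision; it sorts below `0.9.1-2.1`, so the tracker's comparison is unaffected, but it is worth confirming that the rebuild is what actually went through the point release. The same pattern appears for tenshi (`0.13-2.1` in unstable, `0.13-2.1~deb9u1` in stretch) later in this diff.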
@@ -102974,6 +102988,7 @@ CVE-2017-16043 (Shout is an IRC client. Because the `/topic` command in messages
NOT-FOR-US: Shout
CVE-2017-16042 (Growl adds growl notification support to nodejs. Growl before 1.10.2 d ...)
- node-growl 1.10.5-1 (unimportant; bug #900868)
+ [stretch] - node-growl 1.7.0-1+deb9u1
NOTE: Issue: https://github.com/tj/node-growl/issues/60
NOTE: https://github.com/tj/node-growl/pull/61
NOTE: https://nodesecurity.io/advisories/146
@@ -103408,7 +103423,7 @@ CVE-2016-10543 (call is an HTTP router that is primarily used by the hapi framew
NOT-FOR-US: call HTTP router
CVE-2016-10542 (ws is a "simple to use, blazing fast and thoroughly tested websocket c ...)
- node-ws 1.1.0+ds1.e6ddaae4-5 (bug #927671)
- [stretch] - node-ws <ignored> (Nodejs in stretch not covered by security support)
+ [stretch] - node-ws 1.1.0+ds1.e6ddaae4-3+deb9u1
[jessie] - node-ws <ignored> (Nodejs in jessie not covered by security support)
NOTE: https://nodesecurity.io/advisories/120
NOTE: https://github.com/nodejs/node/issues/7388
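Review bot: this turns `<ignored> (Nodejs in stretch not covered by security support)` into a fixed version, which is consistent: a point-release fix goes through the stable release managers rather than the security team, so the lack of security support is not a blocker. Leaving `[jessie] - node-ws <ignored>` untouched is correct as long as no jessie update is planned. The same reasoning covers the node-growl hunk just above.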
@@ -104401,7 +104416,7 @@ CVE-2017-15650 (musl libc before 1.1.17 has a buffer overflow via crafted DNS re
CVE-2017-15642 (In lsx_aiffstartread in aiff.c in Sound eXchange (SoX) 14.4.2, there i ...)
{DLA-1695-1 DLA-1197-1}
- sox 14.4.2-2 (bug #882144)
- [stretch] - sox <no-dsa> (Minor issue)
+ [stretch] - sox 14.4.1-5+deb9u2
NOTE: https://sourceforge.net/p/sox/bugs/298/
NOTE: https://github.com/mansr/sox/commit/0be259eaa9ce3f3fa587a3ef0cf2c0b9c73167a2
CVE-2017-15641
@@ -105176,19 +105191,19 @@ CVE-2017-15373 (E-Sic 1.0 allows SQL injection via the q parameter to esiclivre/
CVE-2017-15372 (There is a stack-based buffer overflow in the lsx_ms_adpcm_block_expan ...)
{DLA-1695-1 DLA-1197-1}
- sox 14.4.2-2 (bug #878808)
- [stretch] - sox <no-dsa> (Minor issue)
+ [stretch] - sox 14.4.1-5+deb9u2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500553
NOTE: https://github.com/mansr/sox/commit/001c337552912d286ba68086ac378f6fdc1e8b50
CVE-2017-15371 (There is a reachable assertion abort in the function sox_append_commen ...)
{DLA-1705-1 DLA-1197-1}
- sox 14.4.2-2 (bug #878809)
- [stretch] - sox <no-dsa> (Minor issue)
+ [stretch] - sox 14.4.1-5+deb9u2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500570
NOTE: https://github.com/mansr/sox/commit/818bdd0ccc1e5b6cae742c740c17fd414935cf39
CVE-2017-15370 (There is a heap-based buffer overflow in the ImaExpandS function of im ...)
{DLA-1695-1 DLA-1197-1}
- sox 14.4.2-2 (bug #878810)
- [stretch] - sox <no-dsa> (Minor issue)
+ [stretch] - sox 14.4.1-5+deb9u2
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1500554
NOTE: https://github.com/mansr/sox/commit/ef3d8be0f80cbb650e4766b545d61e10d7a24c9e
CVE-2017-15369 (The build_filter_chain function in pdf/pdf-stream.c in Artifex MuPDF b ...)
@@ -106204,7 +106219,7 @@ CVE-2017-15064
REJECTED
CVE-2017-1002153 (Koji 1.13.0 does not properly validate SCM paths, allowing an attacker ...)
- koji 1.16.0-1 (bug #877921)
- [stretch] - koji <no-dsa> (Minor issue)
+ [stretch] - koji 1.10.0-1+deb9u1
NOTE: https://pagure.io/koji/issue/563
NOTE: https://pagure.io/koji/c/ba7b5a3cbed11ade11c3af5e834c9a6de4f6d7c3
CVE-2017-1000257 (An IMAP FETCH response line indicates the size of the returned data, i ...)
@@ -116159,6 +116174,7 @@ CVE-2017-11747 (main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/t
CVE-2017-11746 (Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a n ...)
{DLA-1069-1}
- tenshi 0.13-2.1 (unimportant; bug #871321)
+ [stretch] - tenshi 0.13-2.1~deb9u1
NOTE: https://github.com/inversepath/tenshi/issues/6
NOTE: https://github.com/inversepath/tenshi/commit/d0e7f28c13ffbd5888b31d6532c2faf78f10f176
NOTE: Negligible security impact
@@ -117490,14 +117506,14 @@ CVE-2017-11360 (The ReadRLEImage function in coders\rle.c in ImageMagick 7.0.6-1
CVE-2017-11359 (The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allow ...)
{DLA-1705-1 DLA-1197-1}
- sox 14.4.2-2 (bug #870328)
- [stretch] - sox <no-dsa> (Minor issue)
+ [stretch] - sox 14.4.1-5+deb9u2
NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
NOTE: https://github.com/mansr/sox/commit/8b590b3a52f4ccc4eea3f41b4a067c38b3565b60
CVE-2017-11358 (The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 all ...)
{DLA-1705-1 DLA-1197-1}
- sox 14.4.2-2 (bug #870328)
- [stretch] - sox <no-dsa> (Minor issue)
+ [stretch] - sox 14.4.1-5+deb9u2
NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
NOTE: https://github.com/mansr/sox/commit/6cb44a44b9eda6b321ccdbf6483348d4a9798b00
@@ -117630,7 +117646,7 @@ CVE-2017-11333 (The vorbis_analysis_wrote function in lib/block.c in Xiph.Org li
CVE-2017-11332 (The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows ...)
{DLA-1705-1 DLA-1197-1}
- sox 14.4.2-2 (bug #870328)
- [stretch] - sox <no-dsa> (Minor issue)
+ [stretch] - sox 14.4.1-5+deb9u2
NOTE: http://seclists.org/fulldisclosure/2017/Jul/81
NOTE: Upstream bug report https://sourceforge.net/p/sox/bugs/296/
NOTE: https://github.com/mansr/sox/commit/7405bcaacb1ded8c595cb751d407cf738cb26571
diff --git a/data/next-oldstable-point-update.txt b/data/next-oldstable-point-update.txt
index bc4e68d160..2b274b3bb9 100644
--- a/data/next-oldstable-point-update.txt
+++ b/data/next-oldstable-point-update.txt
@@ -14,206 +14,17 @@ CVE-2017-16544
[stretch] - busybox 1:1.22.0-19+deb9u1
CVE-2017-17840
[stretch] - open-iscsi 2.0.874-3~deb9u2
-CVE-2018-14779
- [stretch] - yubico-piv-tool 1.4.2-2+deb9u1
-CVE-2018-14780
- [stretch] - yubico-piv-tool 1.4.2-2+deb9u1
-CVE-2018-18718
- [stretch] - gthumb 3:3.4.4.1-5+deb9u1
CVE-2018-16336
[stretch] - exiv2 0.25-3.1+deb9u2
-CVE-2019-6438
- [stretch] - slurm-llnl 16.05.9-1+deb9u3
-CVE-2019-7659
- [stretch] - gsoap 2.8.35-4+deb9u2
-CVE-2019-XXXX
- [stretch] - open-vm-tools 2:10.1.5-5055683-4+deb9u2
- NOTE: For #925959 (no CVE)
CVE-2019-8907
[stretch] - file 1:5.30-1+deb9u3
CVE-2019-8905
[stretch] - file 1:5.30-1+deb9u3
-CVE-2019-11627
- [stretch] - signing-party 2.5-1+deb9u1
-CVE-2018-20544
- [stretch] - libcaca 0.99.beta19-2.1~deb9u1
-CVE-2018-20545
- [stretch] - libcaca 0.99.beta19-2.1~deb9u1
-CVE-2018-20546
- [stretch] - libcaca 0.99.beta19-2.1~deb9u1
-CVE-2018-20547
- [stretch] - libcaca 0.99.beta19-2.1~deb9u1
-CVE-2018-20548
- [stretch] - libcaca 0.99.beta19-2.1~deb9u1
-CVE-2018-20549
- [stretch] - libcaca 0.99.beta19-2.1~deb9u1
-CVE-2018-1320
- [stretch] - libthrift-java 0.9.1-2.1~deb9u1
-CVE-2019-11675
- [stretch] - groonga 6.1.5-1+deb9u1
-CVE-2019-2627
- [stretch] - mariadb-10.1 10.1.41-0+deb9u1
-CVE-2019-2614
- [stretch] - mariadb-10.1 10.1.41-0+deb9u1
-CVE-2019-2737
- [stretch] - mariadb-10.1 10.1.41-0+deb9u1
-CVE-2019-2739
- [stretch] - mariadb-10.1 10.1.41-0+deb9u1
-CVE-2019-2740
- [stretch] - mariadb-10.1 10.1.41-0+deb9u1
-CVE-2019-2805
- [stretch] - mariadb-10.1 10.1.41-0+deb9u1
-CVE-2018-19105
- [stretch] - librecad 2.1.2-1+deb9u1
-CVE-2019-12106
- [stretch] - minissdpd 1.2.20130907-4.1+deb9u1
-CVE-2017-16042
- [stretch] - node-growl 1.7.0-1+deb9u1
-CVE-2019-12107
- [stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
-CVE-2019-12108
- [stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
-CVE-2019-12109
- [stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
-CVE-2019-12110
- [stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
-CVE-2019-11038
- [stretch] - libgd2 2.2.4-2+deb9u5
CVE-2018-3774
[stretch] - node-url-parse 1.0.5-2+deb9u1
-CVE-2017-11746
- [stretch] - tenshi 0.13-2.1~deb9u1
-CVE-2019-13031
- [stretch] - lemonldap-ng 1.9.7-3+deb9u2
-CVE-2019-10153
- [stretch] - fence-agents 4.0.25-1+deb9u1
-CVE-2016-10711
- [stretch] - pound 2.7-1.3+deb9u1
-CVE-2018-3977
- [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- [stretch] - sdl-image1.2 1.2.12-5+deb9u2
-CVE-2019-5052
- [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- [stretch] - sdl-image1.2 1.2.12-5+deb9u2
-CVE-2019-5051
- [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- [stretch] - sdl-image1.2 1.2.12-5+deb9u2
-CVE-2019-7635
- [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- [stretch] - sdl-image1.2 1.2.12-5+deb9u2
-CVE-2019-12216
- [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- [stretch] - sdl-image1.2 1.2.12-5+deb9u2
-CVE-2019-12217
- [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- [stretch] - sdl-image1.2 1.2.12-5+deb9u2
-CVE-2019-12218
- [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- [stretch] - sdl-image1.2 1.2.12-5+deb9u2
-CVE-2019-12219
- [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- [stretch] - sdl-image1.2 1.2.12-5+deb9u2
-CVE-2019-12220
- [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- [stretch] - sdl-image1.2 1.2.12-5+deb9u2
-CVE-2019-12221
- [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- [stretch] - sdl-image1.2 1.2.12-5+deb9u2
-CVE-2019-12222
- [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- [stretch] - sdl-image1.2 1.2.12-5+deb9u2
-CVE-2019-5057
- [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- [stretch] - sdl-image1.2 1.2.12-5+deb9u2
-CVE-2019-5058
- [stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
- [stretch] - sdl-image1.2 1.2.12-5+deb9u2
-CVE-2019-14275
- [stretch] - fig2dev 1:3.2.6a-2+deb9u2
CVE-2019-14267
[stretch] - pdfresurrect 0.12-6+deb9u1
-CVE-2019-13232
- [stretch] - unzip 6.0-21+deb9u2
CVE-2019-11187
- [stretch] - fusiondirectory 1.0.19-1+deb9u1
[stretch] - gosa 2.7.4+reloaded2-13+deb9u2
-CVE-2019-13057
- [stretch] - openldap 2.4.44+dfsg-5+deb9u3
-CVE-2019-13565
- [stretch] - openldap 2.4.44+dfsg-5+deb9u3
-CVE-2019-13615
- [stretch] - libebml 1.3.4-1+deb9u1
-CVE-2019-12450
- [stretch] - glib2.0 2.50.3-2+deb9u1
-CVE-2019-13012
- [stretch] - glib2.0 2.50.3-2+deb9u1
-CVE-2018-16429
- [stretch] - glib2.0 2.50.3-2+deb9u1
-CVE-2019-8696
- [stretch] - cups 2.2.1-8+deb9u4
-CVE-2019-8675
- [stretch] - cups 2.2.1-8+deb9u4
-CVE-2019-14275
- [stretch] - fig2dev 1:3.2.6a-2+deb9u2
-CVE-2019-8354
- [stretch] - sox 14.4.1-5+deb9u2
-CVE-2019-8355
- [stretch] - sox 14.4.1-5+deb9u2
-CVE-2019-8356
- [stretch] - sox 14.4.1-5+deb9u2
-CVE-2019-8357
- [stretch] - sox 14.4.1-5+deb9u2
-CVE-2019-1010004
- [stretch] - sox 14.4.1-5+deb9u2
-CVE-2017-18189
- [stretch] - sox 14.4.1-5+deb9u2
-CVE-2017-15642
- [stretch] - sox 14.4.1-5+deb9u2
-CVE-2017-15372
- [stretch] - sox 14.4.1-5+deb9u2
-CVE-2017-15371
- [stretch] - sox 14.4.1-5+deb9u2
-CVE-2017-15370
- [stretch] - sox 14.4.1-5+deb9u2
-CVE-2017-11359
- [stretch] - sox 14.4.1-5+deb9u2
-CVE-2017-11358
- [stretch] - sox 14.4.1-5+deb9u2
-CVE-2017-11332
- [stretch] - sox 14.4.1-5+deb9u2
-CVE-2019-13486
- [stretch] - xymon 4.3.28-2+deb9u1
-CVE-2019-13485
- [stretch] - xymon 4.3.28-2+deb9u1
-CVE-2019-13484
- [stretch] - xymon 4.3.28-2+deb9u1
-CVE-2019-13455
- [stretch] - xymon 4.3.28-2+deb9u1
-CVE-2019-13273
- [stretch] - xymon 4.3.28-2+deb9u1
-CVE-2019-13274
- [stretch] - xymon 4.3.28-2+deb9u1
-CVE-2019-13451
- [stretch] - xymon 4.3.28-2+deb9u1
-CVE-2019-13452
- [stretch] - xymon 4.3.28-2+deb9u1
-CVE-2019-11068
- [stretch] - libxslt 1.1.29-2.1+deb9u1
-CVE-2019-13117
- [stretch] - libxslt 1.1.29-2.1+deb9u1
-CVE-2019-13118
- [stretch] - libxslt 1.1.29-2.1+deb9u1
-CVE-2019-12625
- [stretch] - clamav 0.101.4+dfsg-0+deb9u1
-CVE-2019-12900
- [stretch] - clamav 0.101.4+dfsg-0+deb9u1
CVE-2019-13173
[stretch] - node-fstream 1.0.10-1+deb9u1
-CVE-2016-10542
- [stretch] - node-ws 1.1.0+ds1.e6ddaae4-3+deb9u1
-CVE-2019-9578
- [stretch] - libu2f-host 1.1.2-2+deb9u2
-CVE-2018-1002161
- [stretch] - koji 1.10.0-1+deb9u1
-CVE-2017-1002153
- [stretch] - koji 1.10.0-1+deb9u1
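Review bot: CVE-2019-14275 / fig2dev was listed twice in this file (once before CVE-2019-14267 and again after the cups entries) and both copies are removed here, which is the right outcome, but the duplicate suggests entries are appended by hand; a `grep '^CVE' data/next-oldstable-point-update.txt | sort | uniq -d` before committing would catch the next one. CVE-2019-11187 correctly keeps its header with only the gosa line, since only the fusiondirectory update was accepted. The open-vm-tools `CVE-2019-XXXX` entry (`NOTE: For #925959 (no CVE)`) has no data/CVE/list counterpart by construction, so removing it leaves no tracker record of the fix; fine if the point-release changelog is considered the record, otherwise note it on the bug. Finally, several removed entries share one upload across multiple CVEs (glib2.0 2.50.3-2+deb9u1, koji 1.10.0-1+deb9u1, sox 14.4.1-5+deb9u2, xymon 4.3.28-2+deb9u1, libxslt 1.1.29-2.1+deb9u1, cups 2.2.1-8+deb9u4, openldap 2.4.44+dfsg-5+deb9u3, miniupnpd 1.8.20140523-4.1+deb9u2) and only some of their data/CVE/list hunks are in view here, so it is worth cross-checking that every CVE removed from this file now has a matching `[stretch]` version in the list, otherwise the removal drops the only record of the fix.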
