author: Moritz Muehlenhoff <jmm@debian.org> 2021-11-03 16:10:57 +0100
committer: Moritz Muehlenhoff <jmm@debian.org> 2021-11-03 16:11:26 +0100
commit: 4211c616563795a774305ffa87f9435ab6adbe76
tree: 431200e6cc23b42daf0aa51c99bda084a01a27ac
parent: 030d13f3d739f395224aa4fb738a1e8f437380f4
buster/bullseye triage
-rw-r--r-- data/CVE/list 17
-rw-r--r-- data/dsa-needed.txt 3
2 files changed, 19 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 6f23a7bff6..90601fe466 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -7234,18 +7234,23 @@ CVE-2021-41093 (Wire is an open source secure messenger. In affected versions if
NOT-FOR-US: Wire iOS
CVE-2021-41092 (Docker CLI is the command line interface for the docker container runt ...)
- docker.io <unfixed> (bug #998292)
+ [bullseye] - docker.io <no-dsa> (Minor issue)
+ [buster] - docker.io <no-dsa> (Minor issue)
NOTE: https://github.com/docker/cli/security/advisories/GHSA-99pg-grm5-qq3v
NOTE: https://github.com/docker/cli/commit/893e52cf4ba4b048d72e99748e0f86b2767c6c6b
CVE-2021-41091 (Moby is an open-source project created by Docker to enable software co ...)
- docker.io <unfixed>
+ [bullseye] - docker.io <no-dsa> (Minor issue)
+ [buster] - docker.io <no-dsa> (Minor issue)
NOTE: https://github.com/moby/moby/security/advisories/GHSA-3fwx-pjgw-3558
NOTE: https://github.com/moby/moby/commit/f0ab919f518c47240ea0e72d0999576bb8008e64
CVE-2021-41090
RESERVED
CVE-2021-41089 (Moby is an open-source project created by Docker to enable software co ...)
- docker.io <unfixed>
+ [bullseye] - docker.io <no-dsa> (Minor issue)
+ [buster] - docker.io <no-dsa> (Minor issue)
NOTE: https://github.com/moby/moby/security/advisories/GHSA-v994-f8vw-g7j4
- TODO: check details
CVE-2021-41088 (Elvish is a programming language and interactive shell, combined into ...)
- elvish 0.14.0-1
[buster] - elvish <no-dsa> (Minor issue)
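Review bot: The CVE-2021-41089 entry drops "TODO: check details" without recording what the check found. Unlike CVE-2021-41092 and CVE-2021-41091 just above, it carries only the advisory NOTE and no NOTE for the fixing commit, so the basis for the "Minor issue" call on bullseye and buster cannot be re-verified from the entry itself. Suggest adding the upstream fix commit as a NOTE in the same change that removes the TODO. Separately, only CVE-2021-41092 has a bug reference ("bug #998292") on its unfixed docker.io line; if that bug also covers the two Moby CVEs, reference it there as well.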
@@ -15619,25 +15624,35 @@ CVE-2021-37624 (FreeSWITCH is a Software Defined Telecom Stack enabling the digi
NOTE: https://github.com/signalwire/freeswitch/security/advisories/GHSA-mjcm-q9h8-9xv3
CVE-2021-37623 (Exiv2 is a command-line utility and C++ library for reading, writing, ...)
- exiv2 <unfixed>
+ [bullseye] - exiv2 <ignored> (Minor issue)
+ [buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-mvc4-g5pv-4qqq
NOTE: https://github.com/Exiv2/exiv2/pull/1790
CVE-2021-37622 (Exiv2 is a command-line utility and C++ library for reading, writing, ...)
- exiv2 <unfixed>
+ [bullseye] - exiv2 <ignored> (Minor issue)
+ [buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-9jh3-fcc3-g6hv
NOTE: https://github.com/Exiv2/exiv2/pull/1788
CVE-2021-37621 (Exiv2 is a command-line utility and C++ library for reading, writing, ...)
- exiv2 <unfixed>
+ [bullseye] - exiv2 <ignored> (Minor issue)
+ [buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-m479-7frc-gqqg
NOTE: https://github.com/Exiv2/exiv2/pull/1778
CVE-2021-37620 (Exiv2 is a command-line utility and C++ library for reading, writing, ...)
- exiv2 <unfixed>
+ [bullseye] - exiv2 <ignored> (Minor issue)
+ [buster] - exiv2 <ignored> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-v5g7-46xf-h728
NOTE: https://github.com/Exiv2/exiv2/pull/1769
CVE-2021-37619 (Exiv2 is a command-line utility and C++ library for reading, writing, ...)
- exiv2 <unfixed>
+ [bullseye] - exiv2 <ignored> (Minor issue)
+ [buster] - exiv2 <ignored> (Minor issue)
[stretch] - exiv2 <no-dsa> (Minor issue)
NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-mxw9-qx4c-6m8v
NOTE: https://github.com/Exiv2/exiv2/pull/1752
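Review bot: The new [bullseye] and [buster] lines on all five exiv2 entries use <ignored> with the same bare "Minor issue" text that the existing [stretch] lines use for <no-dsa>, so the reason does not explain why the two newer releases get the stronger state. If the intent is that these will not be fixed at all, the parenthetical should say why (for example what limits the impact); if a fix via point release is still acceptable, <no-dsa> would match the stretch lines. Also worth confirming in passing: CVE-2021-37620 is the only one of the five without a [stretch] line, which makes the per-release picture uneven once bullseye and buster are annotated.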
diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt
index 06101419b7..6a610b9140 100644
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -56,5 +56,8 @@ tomcat9
from previous CVE-2021-30640 and another non-security fix for #987179, might
need a SRM ack.
--
+trafficserver (jmm)
+ wait until status for CVE-2021-38161 is clarified (upstream patch got reverted)
+--
varnish
--
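Review bot: The trafficserver note says to wait until the status of CVE-2021-38161 is clarified because the "upstream patch got reverted", but gives no pointer to the revert or to where the clarification is expected. Suggest adding the upstream commit or issue URL to the note so that whoever picks this up can tell when the blocking condition has been resolved without having to ask (jmm).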
