CVE-2019-19918 and CVE-2019-19917 are marked as no-dsa for Buster and Stretch. No reason to treat Jessie differently. Since there are just two CVEs for lout the package is also removed from dla-needed.txt.

author: Ola Lundqvist <ola@inguza.com> 2020-01-19 22:28:08 +0100
committer: Ola Lundqvist <ola@inguza.com> 2020-01-19 22:28:08 +0100
commit: 5051c52bfa35dac18e7e96145af84a0fc6965602 (patch)
tree: fc2dd4f4ed629986de7e4e7cccf8823f5247afde /data/dla-needed.txt
parent: 87322fcfb61d5f24a946f3c70fb597c8f611e480 (diff)
1 files changed, 0 insertions, 9 deletions
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 3d089d42c3..1c46a18e0c 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -71,15 +71,6 @@ linux (Ben Hutchings)
 --
 linux-4.9 (Ben Hutchings)
 --
-lout
-  NOTE: 20191221: Package is orphaned and has similar version in unstable.
-  NOTE: 20191221: Upstream maintenance may have ceased to exist, too.
-  NOTE: 20191221: If we fix it in jessie LTS, we should als NMU those fixes
-  NOTE: 20191221: to unstable. (sunweaver)
-  NOTE: 20191221: https://lists.gnu.org/archive/html/lout-users/2019-12/msg00005.html
-  NOTE: 20191221: (-> at least someone is still active on lout, providing some
-  NOTE: 20191221: patches, not related to the open CVEs, though)
---
 nss (Markus Koschany)
 --
 opendmarc (Thorsten Alteholz)
author	Ola Lundqvist <ola@inguza.com>	2020-01-19 22:28:08 +0100
committer	Ola Lundqvist <ola@inguza.com>	2020-01-19 22:28:08 +0100
commit	5051c52bfa35dac18e7e96145af84a0fc6965602 (patch)
tree	fc2dd4f4ed629986de7e4e7cccf8823f5247afde /data/dla-needed.txt
parent	87322fcfb61d5f24a946f3c70fb597c8f611e480 (diff)