Update guacamole-client note in dla-needed.txt

author: Markus Koschany <apo@debian.org> 2020-10-10 18:00:00 +0200
committer: Markus Koschany <apo@debian.org> 2020-10-10 18:00:43 +0200
commit: 9c60750b704fc70869615edad6cdb7d66e9f55ff (patch)
tree: 145e30b43f1ba9490aa788aba067e41e176ec396 /data/dla-needed.txt
parent: c80fcee8025d4494edbd0b22571aadf0e1477cbd (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 2946ac55e1..067d8098f7 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -77,6 +77,11 @@ golang-1.8
 golang-golang-x-net-dev
 --
 guacamole-client (Markus Koschany)
+  NOTE: 20201010: Open CVE do not affect the client. Reported my findings to
+  NOTE: the maintainers and the security team. Waiting for feedback. I am
+  NOTE: inclined to mark the package as EOL anyway because the client is
+  NOTE: incompatible with the secure 1.2.0 server version and due to the lack of
+  NOTE: maintainance in Debian.
 --
 jupyter-notebook
   NOTE: 20200711: Vulnerable to (at least) CVE-2018-19351. (lamby)
author	Markus Koschany <apo@debian.org>	2020-10-10 18:00:00 +0200
committer	Markus Koschany <apo@debian.org>	2020-10-10 18:00:43 +0200
commit	9c60750b704fc70869615edad6cdb7d66e9f55ff (patch)
tree	145e30b43f1ba9490aa788aba067e41e176ec396 /data/dla-needed.txt
parent	c80fcee8025d4494edbd0b22571aadf0e1477cbd (diff)