opensmtpd DSA

one disputed systemd issue resolved

3 files changed, 9 insertions, 7 deletions

diff --git a/data/CVE/list b/data/CVE/list
index 0ed102f362..4f51de845a 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -16493,6 +16493,7 @@ CVE-2020-1717
 	RESERVED
 CVE-2020-1716
 	RESERVED
+	NOT-FOR-US: ceph-ansible
 CVE-2020-1715
 	RESERVED
 CVE-2020-1714
@@ -20655,10 +20656,10 @@ CVE-2019-18627
 CVE-2019-18626
 	RESERVED
 CVE-2018-21029 (** DISPUTED ** systemd 239 through 244 accepts any certificate signed  ...)
-	- systemd <unfixed>
-	[buster] - systemd <no-dsa> (Minor issue; systemd-resolved not enabled by default)
-	[stretch] - systemd <not-affected> (Vulnerable code introduced later)
-	[jessie] - systemd <not-affected> (Vulnerable code introduced later)
+	- systemd 244-1 (low)
+	[buster] - systemd <not-affected> (Only affected v243)
+	[stretch] - systemd <not-affected> (Only affected v243)
+	[jessie] - systemd <not-affected> (Only affected v243)
 	NOTE: https://github.com/systemd/systemd/issues/9397
 CVE-2019-18625 (An issue was discovered in Suricata 5.0.0. It was possible to bypass/e ...)
 	- suricata <unfixed>
diff --git a/data/DSA/list b/data/DSA/list
index e3ed1ccc74..c9a1340067 100644
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,3 +1,7 @@
+[29 Jan 2020] DSA-4611-1 opensmtpd - security update
+	{CVE-2020-7247}
+	[stretch] - opensmtpd 6.0.2p1-2+deb9u1
+	[buster] - opensmtpd 6.0.3p1-5+deb10u3
 [29 Jan 2020] DSA-4610-1 webkit2gtk - security update
 	{CVE-2019-8835 CVE-2019-8844 CVE-2019-8846}
 	[buster] - webkit2gtk 2.26.3-1~deb10u1
diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt
index 8fac557093..da01a4da24 100644
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -42,9 +42,6 @@ nss/oldstable (jmm)
 --
 openjdk-8 (jmm)
 --
-opensmtpd
-  Maintainer working on updates
---
 php7.0
 --
 php7.3