Reserve DLA-2527-1 for snapd

author: Brian May <brian@linuxpenguins.xyz> 2021-01-18 08:17:41 +1100
committer: Brian May <brian@linuxpenguins.xyz> 2021-01-18 08:17:41 +1100
commit: 17c1f2b550eb4e91ddea88edaab75c55f2d5ecd5 (patch)
tree: 769bdef6d579bf191174cfff4103f9e942ceaf47 /data
parent: 1caf232e0ae94e0374c8a425e857b426540653ce (diff)
2 files changed, 3 insertions, 5 deletions
diff --git a/data/DLA/list b/data/DLA/list
index 884c4abeef..3a85db9248 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[18 Jan 2021] DLA-2527-1 snapd - security update
+	{CVE-2019-11840}
+	[stretch] - snapd 2.21-2+deb9u1
 [15 Jan 2021] DLA-2526-1 ruby-redcarpet - security update
 	{CVE-2020-26298}
 	[stretch] - ruby-redcarpet 3.3.4-2+deb9u1
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 3f751520fe..d63b4a8416 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -124,11 +124,6 @@ slirp (pu-Thorsten Alteholz)
   NOTE: update has to done in sid->buster->stretch
   NOTE: 20200401: waiting for pu
 --
-snapd (Brian May)
-  NOTE: Needs rebuild for CVE-2019-11840 in golang-go.crypto.
-  NOTE: Problems with upload.
-  NOTE: 2020-01-13 Still waiting for response from ftp-master.
---
 spotweb
   NOTE: 20201220: The affected code (PHP!) uses string concatenation to construct a SQL query.
   NOTE: 20201220: Upstream's "fix" is to blacklist all the "bad" SQL commands.
author	Brian May <brian@linuxpenguins.xyz>	2021-01-18 08:17:41 +1100
committer	Brian May <brian@linuxpenguins.xyz>	2021-01-18 08:17:41 +1100
commit	17c1f2b550eb4e91ddea88edaab75c55f2d5ecd5 (patch)
tree	769bdef6d579bf191174cfff4103f9e942ceaf47 /data
parent	1caf232e0ae94e0374c8a425e857b426540653ce (diff)