node-mongodb spu

samba postponed

2 files changed, 8 insertions, 0 deletions

diff --git a/data/CVE/list b/data/CVE/list
index 52a7fec6d4..4184a71f57 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5405,6 +5405,8 @@ CVE-2020-10705
 CVE-2020-10704
 	RESERVED
 	- samba <unfixed>
+	[buster] - samba <postponed> (Can be fixed along in future DSA)
+	[stretch] - samba <postponed> (Can be fixed along in future DSA)
 	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14334
 	NOTE: https://www.samba.org/samba/security/CVE-2020-10704.html
 CVE-2020-10703 [Potential denial of service via active pool without target path]
@@ -12610,6 +12612,7 @@ CVE-2020-7611 (All versions of io.micronaut:micronaut-http-client before 1.2.11
 CVE-2020-7610 (All versions of bson before 1.1.4 are vulnerable to Deserialization of ...)
 	[experimental] - node-mongodb 3.5.5+~cs11.12.19-1
 	- node-mongodb 3.5.6+~cs11.12.19-1
+	[buster] - node-mongodb <no-dsa> (Minor issue)
 	NOTE: Fixed in js-bson v1.1.4 included in 3.5.5+~cs11.12.19
 	NOTE: https://snyk.io/vuln/SNYK-JS-BSON-561052
 	NOTE: https://github.com/mongodb/js-bson/commit/3809c1313a7b2a8001065f0271199df9fa3d16a8
@@ -81801,6 +81804,7 @@ CVE-2019-2392
 CVE-2019-2391 (Incorrect parsing of certain JSON input may result in js-bson not corr ...)
 	[experimental] - node-mongodb 3.5.5+~cs11.12.19-1
 	- node-mongodb 3.5.6+~cs11.12.19-1
+	[buster] - node-mongodb <no-dsa> (Minor issue)
 	NOTE: Fixed in js-bson v1.1.4 included in 3.5.5+~cs11.12.19
 CVE-2019-2390 (An unprivileged user or program on Microsoft Windows which can create  ...)
 	NOT-FOR-US: Microsoft
diff --git a/data/next-point-update.txt b/data/next-point-update.txt
index 26c71522db..1ec37a39be 100644
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -122,3 +122,7 @@ CVE-2020-9383
 	[buster] - linux 4.19.118-1
 CVE-2019-19046
 	[buster] - linux 4.19.118-1
+CVE-2020-7610
+	[buster] - node-mongodb 3.1.13+~3.1.11-2+deb10u1
+CVE-2019-2391
+	[buster] - node-mongodb 3.1.13+~3.1.11-2+deb10u1