From 40a2d6c0280da5a0b4aeeee5f3900142b17073a0 Mon Sep 17 00:00:00 2001
From: Thorsten Alteholz <debian@alteholz.de>
Date: Thu, 29 Oct 2020 17:01:23 +0100
Subject: Reserve DLA-2419-1 for dompurify.js

---
 data/DLA/list       | 3 +++
 data/dla-needed.txt | 3 ---
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/data/DLA/list b/data/DLA/list
index 559f4b844b..09973e62e9 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[29 Oct 2020] DLA-2419-1 dompurify.js - security update
+	{CVE-2019-16728 CVE-2020-26870}
+	[stretch] - dompurify.js 0.8.2~dfsg1-1+deb9u1
 [29 Oct 2020] DLA-2418-1 libsndfile - security update
 	{CVE-2017-6892 CVE-2017-14245 CVE-2017-14246 CVE-2017-14634 CVE-2018-19661 CVE-2018-19662 CVE-2018-19758 CVE-2019-3832}
 	[stretch] - libsndfile 1.0.27-3+deb9u1
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index b41f594ebb..74bb9982e0 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -61,9 +61,6 @@ condor
   NOTE: 20200712: Requested input on path forward from debian-lts@l.d.o (roberto)
   NOTE: 20200727: Waiting on maintainer feedback: https://lists.debian.org/debian-lts/2020/07/msg00108.html (roberto)
 --
-dompurify.js (Thorsten Alteholz)
-  NOTE: 20201013: Package only in stretch - needs investigation to identify patch. (lamby)
---
 f2fs-tools
   NOTE: 20200815: About CVE-2020-6070. The fix got introduced between 1.12.0 and 1.13.0, but it is not trivial to
   NOTE: 20200815: to detect which of the patches correlates to the CVE. Contacting upstream might be necessary. (sunweaver)
-- 
cgit v1.2.3