From f04fe339b514b2e1a44e4138d09e4718ac985d90 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Sat, 4 Jul 2020 19:05:45 +0200
Subject: one teeworlds issue is a dupe buster/stretch triage

---
 data/CVE/list       | 9 ++++++---
 data/dsa-needed.txt | 2 ++
 2 files changed, 8 insertions(+), 3 deletions(-)

(limited to 'data')

diff --git a/data/CVE/list b/data/CVE/list
index 1a1d2d2019..ab8174c45b 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -257,6 +257,8 @@ CVE-2020-15401 (IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain p
 	NOT-FOR-US: IOBit Malware Fighter Pro
 CVE-2020-15400 (CakePHP before 4.0.6 mishandles CSRF token generation. This might be r ...)
 	- cakephp <unfixed>
+	[buster] - cakephp <no-dsa> (Minor issue)
+	[stretch] - cakephp <no-dsa> (Minor issue)
 CVE-2020-15399
 	RESERVED
 CVE-2020-15398
@@ -8468,9 +8470,8 @@ CVE-2020-12059 (An issue was discovered in Ceph through 13.2.9. A POST request w
 	NOTE: Fixed by: https://github.com/ceph/ceph/commit/375d926a4f2720a29b079c216bafb884eef985c3 (v13.2.10)
 	NOTE: Consider 14.x series as fixed due to the use of the new style xml parsing.
 CVE-2019-20787 (Teeworlds before 0.7.4 has an integer overflow when computing a tilema ...)
-	- teeworlds <unfixed>
-	[jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
-	NOTE: https://www.teeworlds.com/forum/viewtopic.php?pid=123860
+	NOTE: Duplicate of CVE-2019-10877
+	TODO: reject with MITRE
 CVE-2020-12058
 	RESERVED
 CVE-2020-12057
@@ -177018,6 +177019,8 @@ CVE-2017-8762 (GeniXCMS 1.0.2 has XSS triggered by an authenticated user who sub
 CVE-2017-8761 [Swift tempurl middleware reveals signatures in the logfiles]
 	RESERVED
 	- swift <unfixed>
+	[buster] - swift <no-dsa> (Minor issue)
+	[stretch] - swift <no-dsa> (Minor issue)
 	[jessie] - swift <end-of-life> (Not supported in Jessie LTS)
 	NOTE: https://bugs.launchpad.net/swift/+bug/1685798
 CVE-2017-8760 (An issue was discovered on Accellion FTA devices before FTA_9_12_180.  ...)
diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt
index 0aaff7f2f1..d983f44da0 100644
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -11,6 +11,8 @@ To pick an issue, simply add your uid behind it.
 
 If needed, specify the release by adding a slash after the name of the source package.
 
+--
+curl (ghedo)
 --
 ffmpeg (jmm)
 --
-- 
cgit v1.2.3