From 702deaf75bc6c3118cbf4aba93cbef245684cb08 Mon Sep 17 00:00:00 2001
From: Sylvain Beucler <beuc@beuc.net>
Date: Tue, 8 Feb 2022 13:14:07 +0100
Subject: Ignore CVE-2022-21682 and CVE-2021-43860 for flatpak in stretch
 following secteam analysis at 053f0cd77086c6f73f0d6d33b93833e99ba796c0 + no
 LTS contributor claimed it since it was added

---
 data/dla-needed.txt | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'data/dla-needed.txt')

diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index a0ca456705..74f06e6a0f 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -42,9 +42,6 @@ firmware-nonfree (Markus Koschany)
   NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding possible "ignore" tag
   NOTE: 20211207: Intend to release this week.
 --
-flatpak
-  NOTE: 20220113: upcoming DSA; non-trivial backport (Beuc)
---
 gif2apng (Anton)
   NOTE: 20220114: orphaned package with inactive upstream, maybe coordinate with Debian QA to write our own patches (Beuc)
   NOTE: 20220114: CVEs unrelated to apng2gif's (Beuc)
-- 
cgit v1.2.3