Merge in the accepted packages from buster 10.11

Though the release has not been happened yet, this is the list of
packages which were copied over from buster-pu to buster.

The final 10.11 changes need to still be verifed for any missing
additional ones.

1 files changed, 6 insertions, 6 deletions

diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index e175b98b8f..8060d35448 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -30612,7 +30612,7 @@ CVE-2020-17510 (Apache Shiro before 1.7.0, when using Apache Shiro with Spring,
 	{DLA-2726-1}
 	- shiro 1.3.2-5 (bug #988728)
 	[bullseye] - shiro 1.3.2-4+deb11u1
-	[buster] - shiro <no-dsa> (Minor issue)
+	[buster] - shiro 1.3.2-4+deb10u1
 	NOTE: https://www.openwall.com/lists/oss-security/2020/11/04/7
 	NOTE: https://lists.apache.org/thread.html/rc2cff2538b683d480426393eecf1ce8dd80e052fbef49303b4f47171%40%3Cdev.shiro.apache.org%3E
 	NOTE: https://issues.apache.org/jira/secure/ReleaseNote.jspa?version=12349284&styleName=Text&projectId=12310950
@@ -39427,7 +39427,7 @@ CVE-2020-13933 (Apache Shiro before 1.6.0, when using Apache Shiro, a specially
 	{DLA-2726-1}
 	- shiro 1.3.2-5 (bug #968753)
 	[bullseye] - shiro 1.3.2-4+deb11u1
-	[buster] - shiro <no-dsa> (Minor issue)
+	[buster] - shiro 1.3.2-4+deb10u1
 	NOTE: https://lists.apache.org/thread.html/r539f87706094e79c5da0826030384373f0041068936912876856835f%40%3Cdev.shiro.apache.org%3E
 CVE-2020-13932 (In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT p ...)
 	NOT-FOR-US: Apache ActiveMQ Artemis
@@ -39567,7 +39567,7 @@ CVE-2020-13882 (CISOfy Lynis before 3.0.0 has Incorrect Access Control because o
 CVE-2020-13881 (In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared se ...)
 	{DLA-2730-1 DLA-2239-1}
 	- libpam-tacplus 1.3.8-2.1 (low; bug #962830)
-	[buster] - libpam-tacplus <no-dsa> (Minor issue)
+	[buster] - libpam-tacplus 1.3.8-2+deb10u1
 	[stretch] - libpam-tacplus <no-dsa> (Minor issue)
 	NOTE: https://github.com/kravietz/pam_tacplus/commit/4a9852c31c2fd0c0e72fbb689a586aabcfb11cb0
 	NOTE: https://github.com/kravietz/pam_tacplus/issues/149
@@ -44363,7 +44363,7 @@ CVE-2020-11989 (Apache Shiro before 1.5.3, when using Apache Shiro with Spring d
 	{DLA-2273-1}
 	- shiro 1.3.2-5 (bug #988728)
 	[bullseye] - shiro 1.3.2-4+deb11u1
-	[buster] - shiro <no-dsa> (Minor issue)
+	[buster] - shiro 1.3.2-4+deb10u1
 	NOTE: https://www.openwall.com/lists/oss-security/2020/06/22/1
 	NOTE: https://github.com/apache/shiro/pull/211
 	NOTE: https://issues.apache.org/jira/browse/SHIRO-753
@@ -44373,7 +44373,7 @@ CVE-2020-11989 (Apache Shiro before 1.5.3, when using Apache Shiro with Spring d
 CVE-2020-11988 (Apache XmlGraphics Commons 2.4 is vulnerable to server-side request fo ...)
 	- xmlgraphics-commons 2.4-2 (bug #984949)
 	[bullseye] - xmlgraphics-commons 2.4-2~deb11u1
-	[buster] - xmlgraphics-commons <no-dsa> (Minor issue)
+	[buster] - xmlgraphics-commons 2.3-1+deb10u1
 	[stretch] - xmlgraphics-commons <not-affected> (Vulnerable code is not present)
 	NOTE: https://github.com/apache/xmlgraphics-commons/commit/57393912eb87b994c7fed39ddf30fb778a275183
 	NOTE: https://issues.apache.org/jira/browse/XGC-122
@@ -67963,7 +67963,7 @@ CVE-2020-1957 (Apache Shiro before 1.5.2, when using Apache Shiro with Spring dy
 	{DLA-2273-1 DLA-2181-1}
 	- shiro 1.3.2-5 (bug #955018)
 	[bullseye] - shiro 1.3.2-4+deb11u1
-	[buster] - shiro <no-dsa> (Minor issue)
+	[buster] - shiro 1.3.2-4+deb10u1
 	NOTE: https://www.openwall.com/lists/oss-security/2020/03/23/2
 	NOTE: Fixed by: https://github.com/apache/shiro/commit/3708d7907016bf2fa12691dff6ff0def1249b8ce#diff-98f7bc5c0391389e56531f8b3754081aL139
 	NOTE: https://github.com/apache/shiro/pull/203#issuecomment-606270322