External check

CVE-2016-5397: TODO: check CVE-2018-6930: TODO: check -- The output might be a bit terse, but the above ids are known elsewhere, check the references in the tracker. The second part indicates the status of that id in the tracker at the moment the script was run.

Suggestion to add new embed code entry for libqxt

Dear Debian security-tracker list members, When dealing with the new version of package qstardict [0][1], I encountered some embedded code about libqxt. According to [2], such situation need to be documented in the embedded-code-copies file. Here's the reason: libqxt upstream is dead since ~2013

DSA candidates

advancecomp -- dolibarr -- gifsicle -- icu -- jakarta-jmeter -- kde-runtime -- krb5 -- leptonlib -- libgcrypt20 -- librsvg -- libspring-java -- mupdf -- opencv -- openexr -- pound -- puppet -- puppet-module-puppetlabs-apache -- puppet-module-puppetlabs-apt -- puppet-module-puppetlabs-mysql --