[Secure-testing-commits] r12846 - data/CVE

Nico Golde nion at alioth.debian.org
Fri Sep 18 14:20:10 UTC 2009 

Author: nion
Date: 2009-09-18 14:20:09 +0000 (Fri, 18 Sep 2009)
New Revision: 12846

Modified:
   data/CVE/list
Log:
openjdk fixes

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-09-18 11:03:33 UTC (rev 12845)
+++ data/CVE/list	2009-09-18 14:20:09 UTC (rev 12846)
@@ -2056,12 +2056,12 @@
 CVE-2009-2690 (The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants ...)
 	- sun-java6 6-15-1
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
-	- openjdk-6 <unfixed> (medium; bug #542210)
+	- openjdk-6 6b16-1.6-1 (medium; bug #542210)
 CVE-2009-2689 (JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 ...)
 	- sun-java5 1.5.0-20-1
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 	[lenny] - sun-java5 <no-dsa> (Non-free not supported)
-	- openjdk-6 <unfixed> (medium; bug #542210)
+	- openjdk-6 6b16-1.6-1 (medium; bug #542210)
 CVE-2009-2688 (Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when ...)
 	- xemacs21 <unfixed> (low; bug #540470)
 	[etch] - xemacs21 <no-dsa> (Minor issue, obscure attack vector)
@@ -2104,35 +2104,35 @@
 	[lenny] - sun-java5 <no-dsa> (Non-free not supported)
 	- sun-java6 6-15-1
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
-	- openjdk-6 <unfixed> (medium; bug #542210)
+	- openjdk-6 6b16-1.6-1 (medium; bug #542210)
 CVE-2009-2673 (The proxy mechanism implementation in Sun Java Runtime Environment ...)
 	- sun-java5 1.5.0-20-1
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 	[lenny] - sun-java5 <no-dsa> (Non-free not supported)
 	- sun-java6 6-15-1
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
-	- openjdk-6 <unfixed> (medium; bug #542210)
+	- openjdk-6 6b16-1.6-1 (medium; bug #542210)
 CVE-2009-2672 (The proxy mechanism implementation in Sun Java Runtime Environment ...)
 	- sun-java5 1.5.0-20-1
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 	[lenny] - sun-java5 <no-dsa> (Non-free not supported)
 	- sun-java6 6-15-1
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
-	- openjdk-6 <unfixed> (medium; bug #542210)
+	- openjdk-6 6b16-1.6-1 (medium; bug #542210)
 CVE-2009-2671 (The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) ...)
 	- sun-java5 1.5.0-20-1
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 	[lenny] - sun-java5 <no-dsa> (Non-free not supported)
 	- sun-java6 6-15-1
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
-	- openjdk-6 <unfixed> (medium; bug #542210)
+	- openjdk-6 6b16-1.6-1 (medium; bug #542210)
 CVE-2009-2670 (The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE ...)
 	- sun-java5 1.5.0-20-1
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 	[lenny] - sun-java5 <no-dsa> (Non-free not supported)
 	- sun-java6 6-15-1
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
-	- openjdk-6 <unfixed> (medium; bug #542210)
+	- openjdk-6 6b16-1.6-1 (medium; bug #542210)
 CVE-2009-2669 (A certain debugging component in IBM AIX 5.3 and 6.1 does not properly ...)
 	NOT-FOR-US: IBM AIX
 CVE-2009-2668 (Microsoft Internet Explorer 6 through 6.0.2900.2180 and 7 through ...)
@@ -2314,7 +2314,7 @@
 	[lenny] - sun-java5 <no-dsa> (Non-free not supported)
 	- sun-java6 6-15-1
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
-	- openjdk-6 <unfixed> (medium; bug #542210)
+	- openjdk-6 6b16-1.6-1 (medium; bug #542210)
 CVE-2009-2624
 	RESERVED
 CVE-2009-2623
@@ -2656,14 +2656,14 @@
 CVE-2009-2476 (The Java Management Extensions (JMX) implementation in Sun Java SE 6 ...)
 	- sun-java6 6-15-1
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
-	- openjdk-6 <unfixed> (medium; bug #542210)
+	- openjdk-6 6b16-1.6-1 (medium; bug #542210)
 CVE-2009-2475 (Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, ...)
 	- sun-java5 1.5.0-20-1
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
 	[lenny] - sun-java5 <no-dsa> (Non-free not supported)
 	- sun-java6 6-15-1
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
-	- openjdk-6 <unfixed> (medium; bug #542210)
+	- openjdk-6 6b16-1.6-1 (medium; bug #542210)
 CVE-2009-2474 (neon before 0.28.6, when OpenSSL is used, does not properly handle a ...)
 	- neon27 0.28.6-1 (low; bug #542926)
 	[lenny] - neon27 <no-dsa> (Minor issue)
@@ -4254,7 +4254,7 @@
 	- linux-2.6.24 <not-affected> (vulnerable code introduced in 2.6.29)
 	NOTE: http://seclists.org/fulldisclosure/2009/Jul/0241.html
 CVE-2009-1896 (The Java Web Start framework in IcedTea in OpenJDK before ...)
-	- openjdk-6 <unfixed> (bug #542210)
+	- openjdk-6 6b16-1.6-1 (bug #542210)
 CVE-2009-1895 (The personality subsystem in the Linux kernel before 2.6.31-rc3 has a ...)
 	{DSA-1845-1 DSA-1844-1}
 	- linux-2.6 2.6.30-3 (low)
@@ -10511,7 +10511,7 @@
 	NOTE: http://www.aleksey.com/xmlsec/download.html (1.2.12 has fix)
 	- sun-java6 6-15-1
 	[lenny] - sun-java6 <no-dsa> (Non-free not supported)
-	- openjdk-6 <unfixed> (medium; bug #542210)
+	- openjdk-6 6b16-1.6-1 (medium; bug #542210)
 CVE-2009-0216 (GE Fanuc iFIX 5.0 and earlier relies on client-side authentication ...)
 	NOT-FOR-US: GE Fanuc iFIX
 CVE-2009-0215 (Stack-based buffer overflow in the GetXMLValue method in the IBM ...)

More information about the Secure-testing-commits mailing list