[Secure-testing-commits] r21151 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Tue Feb 5 15:56:18 UTC 2013 

Author: jmm
Date: 2013-02-05 15:56:18 +0000 (Tue, 05 Feb 2013)
New Revision: 21151

Modified:
   data/CVE/list
Log:
more potentially unfixed java issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-02-05 15:44:25 UTC (rev 21150)
+++ data/CVE/list	2013-02-05 15:56:18 UTC (rev 21151)
@@ -2869,7 +2869,9 @@
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 CVE-2013-0445 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
-	TODO: check
+	- openjdk-6 <unfixed>
+	- openjdk-7 <unfixed>
+	NOTE: icedtea fix: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/6527ae06da69
 CVE-2013-0444 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-6 <not-affected> (Only affects Java7)
 	- openjdk-7 <unfixed>
@@ -2880,6 +2882,7 @@
 CVE-2013-0442 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-6 6b27-1.12-1
 	- openjdk-7 <unfixed>
+	NOTE: icedtea fix: http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/6527ae06da69
 CVE-2013-0441 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-6 6b27-1.12-1
 	- openjdk-7 <unfixed>
@@ -2970,7 +2973,9 @@
 CVE-2013-0410
 	RESERVED
 CVE-2013-0409 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
-	TODO: check
+	- openjdk-6 <unfixed>
+	- openjdk-7 <unfixed>
+	NOTE: No fix listed for icedtea, is this component (JMX) included in Icedtea?
 CVE-2013-0408
 	RESERVED
 CVE-2013-0407 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)
@@ -12200,7 +12205,9 @@
 CVE-2012-3214 (Unspecified vulnerability in the Oracle Outside In Technology ...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2012-3213 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
-	TODO: check
+	- openjdk-6 <unfixed>
+	- openjdk-7 <unfixed>
+	NOTE: No fix listed for icedtea, is this component (Scripting) included in Icedtea?
 CVE-2012-3212 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when ...)
 	NOT-FOR-US: Oracle Sun Solaris
 CVE-2012-3211 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local ...)

More information about the Secure-testing-commits mailing list