[Secure-testing-commits] r22141 - data/CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri May 3 07:32:37 UTC 2013


Author: jmm
Date: 2013-05-03 07:32:37 +0000 (Fri, 03 May 2013)
New Revision: 22141

Modified:
   data/CVE/list
Log:
java updates


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-05-03 07:11:53 UTC (rev 22140)
+++ data/CVE/list	2013-05-03 07:32:37 UTC (rev 22141)
@@ -1979,20 +1979,21 @@
 	RESERVED
 CVE-2013-2436 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-7 7u21-2.3.9-1
-	TODO: check
+	- openjdk-6 <not-affected> (Only affects Java7)
 CVE-2013-2435 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 CVE-2013-2434 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
-	TODO: might affect icedtea
+	- openjdk-6 <not-affected> (Only affects Java 7)
+	TODO: might affect icedtea7
 CVE-2013-2433 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 CVE-2013-2432 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
-	TODO: might affect icedtea
+	TODO: might affect icedtea6 and iced7
 CVE-2013-2431 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-7 7u21-2.3.9-1
-	- openjdk-6 6b27-1.12.5-1
+	- openjdk-6 <not-affected> (Only affects Java7)
 CVE-2013-2430 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-7 7u21-2.3.9-1
 	- openjdk-6 6b27-1.12.5-1
@@ -2007,7 +2008,7 @@
 	- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
 CVE-2013-2426 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-7 7u21-2.3.9-1
-	- openjdk-6 6b27-1.12.5-1
+	- openjdk-6 <not-affected> (Only affects Java 7)
 CVE-2013-2425 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-6 <not-affected> (Only applies to Java 7)
 	- openjdk-7 <not-affected> (Installation performed differently for Linux distros)
@@ -2016,13 +2017,13 @@
 	- openjdk-6 6b27-1.12.5-1
 CVE-2013-2423 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-7 7u21-2.3.9-1
-	TODO: check
+	- openjdk-6 <not-affected> (Only applies to Java 7)
 CVE-2013-2422 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-7 7u21-2.3.9-1
 	- openjdk-6 6b27-1.12.5-1
 CVE-2013-2421 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-7 7u21-2.3.9-1
-	- openjdk-6 6b27-1.12.5-1
+	- openjdk-6 <not-affected> (Only affects Java 7)
 CVE-2013-2420 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-7 7u21-2.3.9-1
 	- openjdk-6 6b27-1.12.5-1
@@ -2039,7 +2040,7 @@
 	- openjdk-6 <not-affected> (Only affects Java 7)
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 CVE-2013-2415 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
-	- openjdk-7 7u21-2.3.9-1
+	- openjdk-6 <not-affected> (Only affects Java 7)
 	- openjdk-6 6b27-1.12.5-1
 CVE-2013-2414 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
@@ -2084,7 +2085,7 @@
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6)
 	- mysql-5.1 <not-affected> (Only affects MySQL 5.6)
 CVE-2013-2394 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
-	TODO: might affect icedtea
+	TODO: might affect icedtea6 and icedtea7
 CVE-2013-2393 (Unspecified vulnerability in the Oracle Outside In Technology ...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2013-2392 (Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 ...)
@@ -4161,7 +4162,6 @@
 CVE-2013-1564 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
 	- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
-	TODO: check
 CVE-2013-1563 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-6 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
 	- openjdk-7 <not-affected> (Installation component of Oracle Java doesn't apply to IcedTea/OpenJDK)
@@ -4177,7 +4177,7 @@
 CVE-2013-1558 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-7 <unfixed>
 	- openjdk-6 <unfixed>
-	TODO: check
+	TODO: not listed in icedtea release announcement, check
 CVE-2013-1557 (Unspecified vulnerability in the Java Runtime Environment (JRE) ...)
 	- openjdk-7 7u21-2.3.9-1
 	- openjdk-6 6b27-1.12.5-1
@@ -4333,7 +4333,7 @@
 	- libyassl <itp> (bug #664533)
 	NOTE: https://blogs.oracle.com/sunsecurity/entry/cve_2013_1492_buffer_overflow
 CVE-2013-1491 (The Java Runtime Environment (JRE) component in Oracle Java SE 7 ...)
-	- openjdk-7 <undetermined>
+	TODO: might affect icedtea6 and icedtea7
 CVE-2013-1490 (Unspecified vulnerability in Oracle Java SE 7 Update 11 (JRE ...)
 	- openjdk-6 <not-affected> (Not exploitable in OpenJDK6)
 	- openjdk-7 <unfixed>
@@ -4342,7 +4342,7 @@
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 CVE-2013-1488 (The Java Runtime Environment (JRE) component in Oracle Java SE 7 ...)
 	- openjdk-7 7u21-2.3.9-1
-	- openjdk-6 6b27-1.12.5-1
+	- openjdk-6 <not-affected> (Only affects Java7)
 CVE-2013-1487 (Unspecified vulnerability in the Java Runtime Environment component in ...)
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)




More information about the Secure-testing-commits mailing list