[Secure-testing-commits] r24400 - data/CVE

Fri Nov 22 11:47:10 UTC 2013

Author: jmm
Date: 2013-11-22 11:47:10 +0000 (Fri, 22 Nov 2013)
New Revision: 24400

Modified:
   data/CVE/list
Log:
openjdk-6 fixed


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2013-11-22 06:32:27 UTC (rev 24399)
+++ data/CVE/list	2013-11-22 11:47:10 UTC (rev 24400)
@@ -2044,10 +2044,10 @@
 	- openjdk-6 <not-affected> (Only affects Java 7)
 	- openjdk-7 <unfixed>
 CVE-2013-5850 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5849 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5848 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
@@ -2067,12 +2067,12 @@
 	- openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
 	NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown but since no patch landed in icedtea, we consider it not-affected
 CVE-2013-5842 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5841 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
 	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2013-5840 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5839 (Unspecified vulnerability in Oracle Solaris 10 allows remote attackers ...)
 	NOT-FOR-US: Solaris
@@ -2097,10 +2097,10 @@
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 CVE-2013-5830 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5829 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5828 (Unspecified vulnerability in the Enterprise Manager Base Platform ...)
 	NOT-FOR-US: Oracle Enterprise Manager Grid Control
@@ -2109,22 +2109,21 @@
 CVE-2013-5826 (Unspecified vulnerability in the Oracle Transportation Management ...)
 	NOT-FOR-US: Oracle Supply Chain Products Suite
 CVE-2013-5825 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5824 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 CVE-2013-5823 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 	NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/a7758faab30d
-	TODO: check (both openjdk-6 and openjdk-7)
 CVE-2013-5822 (Unspecified vulnerability in the Oracle iLearning component in Oracle ...)
 	NOT-FOR-US: Oracle iLearning
 CVE-2013-5821
 	RESERVED
 CVE-2013-5820 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5819 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
@@ -2133,14 +2132,14 @@
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 	- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 CVE-2013-5817 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5816 (Unspecified vulnerability in the Oracle GlassFish Server component in ...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2013-5815 (Unspecified vulnerability in the Oracle Identity Analytics component ...)
 	NOT-FOR-US: Oracle Fusion Middleware Oracle Identity Analytics
 CVE-2013-5814 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5813 (Unspecified vulnerability in the Oracle WebCenter Content component in ...)
 	NOT-FOR-US: Oracle Fusion Middleware
@@ -2153,7 +2152,7 @@
 	- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
 	- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
 CVE-2013-5809 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5808
 	RESERVED
@@ -2168,16 +2167,15 @@
 	- openjdk-6 <not-affected> (Specific to MacOS X)
 	- openjdk-7 <not-affected> (Specific to MacOS X)
 CVE-2013-5804 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed> (unimportant)
+	- openjdk-6 6b27-1.12.7-1 (unimportant)
 	- openjdk-7 <unfixed> (unimportant)
 	NOTE: Javadoc comments can contain arbitrary HTML
 CVE-2013-5803 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 	NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/0b84d3b434c2
-	TODO: check (both openjdk-6 and opendjk-7)
 CVE-2013-5802 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5801 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
 	- openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
@@ -2191,7 +2189,7 @@
 CVE-2013-5798 (Unspecified vulnerability in the Oracle Identity Manager component in ...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2013-5797 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5796 (Unspecified vulnerability in the Siebel Core - EAI component in Oracle ...)
 	NOT-FOR-US: Oracle Siebel CRM
@@ -2208,7 +2206,7 @@
 CVE-2013-5791 (Unspecified vulnerability in the Oracle Outside In Technology ...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2013-5790 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5789 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
 	- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
@@ -2226,25 +2224,24 @@
 CVE-2013-5785
 	RESERVED
 CVE-2013-5784 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5783 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 	NOTE: http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/2790e9ace697
-	TODO: check (both openjdk-6 and openjdk-7)
 CVE-2013-5782 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5781 (Unspecified vulnerability in Oracle PARC Enterprise T4 Servers running ...)
 	NOT-FOR-US: Oracle PARC Enterprise
 CVE-2013-5780 (Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5779 (Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools ...)
 	NOT-FOR-US: Oracle PeopleSoft Products
 CVE-2013-5778 (Unspecified vulnerability in Oracle Java SE Java SE 7u40 and earlier, ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5777 (Unspecified vulnerability in the Java SE and JavaFX components in ...)
 	- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
@@ -2256,12 +2253,12 @@
 	- openjdk-6 <not-affected> (JavaFX not part of OpenJDK)
 	- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
 CVE-2013-5774 (Unspecified vulnerability in the Java SE, Java SE Embedded component ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5773 (Unspecified vulnerability in the Oracle Containers for J2EE component ...)
 	NOT-FOR-US: Oracle Fusion Middleware
 CVE-2013-5772 (Unspecified vulnerability in the Java SE component in Oracle Java SE ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-5771 (Unspecified vulnerability in the XML Parser component in Oracle ...)
 	NOT-FOR-US: Oracle Database Server
@@ -6874,7 +6871,7 @@
 CVE-2013-4003 (Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA ...)
 	NOT-FOR-US: IBM TRIRIGA
 CVE-2013-4002 (Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-4001
 	RESERVED
@@ -7223,7 +7220,7 @@
 CVE-2013-3830
 	RESERVED
 CVE-2013-3829 (Unspecified vulnerability in the Java SE, Java SE Embedded component ...)
-	- openjdk-6 <unfixed>
+	- openjdk-6 6b27-1.12.7-1
 	- openjdk-7 <unfixed>
 CVE-2013-3828 (Unspecified vulnerability in the Oracle Web Services component in ...)
 	NOT-FOR-US: Oracle Fusion Middleware


