[Secure-testing-commits] r33712 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Mon Apr 20 15:49:56 UTC 2015
Author: jmm
Date: 2015-04-20 15:49:56 +0000 (Mon, 20 Apr 2015)
New Revision: 33712
Modified:
data/CVE/list
Log:
one java issue fixed in icedtea
mark two as n/a (specific to Oracle Java)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-04-20 15:45:03 UTC (rev 33711)
+++ data/CVE/list 2015-04-20 15:49:56 UTC (rev 33712)
@@ -8,7 +8,6 @@
- linux-2.6 <removed>
NOTE: Fixed by: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8b01fc86b9f425899f8a3a8fc1c47d73c2c20543
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/04/20/1
- TODO: check
CVE-2015-XXXX [out-of-bounds memory access]
- libxml2 <unfixed> (bug #783010)
NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=744980
@@ -8778,10 +8777,10 @@
- openjdk-7 <not-affected> (JavaFX not part of OpenJDK)
- openjdk-8 <not-affected> (JavaFX not part of OpenJDK)
CVE-2015-0491 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and ...)
- - openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
- - openjdk-8 <unfixed>
- NOTE: Possibly specific to Oracle Java
+ - openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
+ - openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
+ - openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
+ NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown
CVE-2015-0490 (Unspecified vulnerability in the Oracle Agile Engineering Data ...)
TODO: check
CVE-2015-0489 (Unspecified vulnerability in the Application Management Pack for ...)
@@ -8834,10 +8833,9 @@
CVE-2015-0471 (Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows ...)
TODO: check
CVE-2015-0470 (Unspecified vulnerability in Oracle Java SE 8u40 allows remote ...)
- - openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
- - openjdk-8 <unfixed>
- NOTE: Possibly specific to Oracle Java
+ - openjdk-6 6b35-1.13.7-1
+ - openjdk-7 7u79-2.5.5-1
+ - openjdk-8 8u45-b14-1
CVE-2015-0469 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and ...)
- openjdk-6 6b35-1.13.7-1
- openjdk-7 7u79-2.5.5-1
@@ -8863,10 +8861,10 @@
- openjdk-7 7u79-2.5.5-1
- openjdk-8 8u45-b14-1
CVE-2015-0459 (Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and ...)
- - openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
- - openjdk-8 <unfixed>
- NOTE: Possibly specific to Oracle Java
+ - openjdk-6 <not-affected> (Specific to Oracle Java, not present in IcedTea)
+ - openjdk-7 <not-affected> (Specific to Oracle Java, not present in IcedTea)
+ - openjdk-8 <not-affected> (Specific to Oracle Java, not present in IcedTea)
+ NOTE: Due to the vague disclosure policy by Oracle the exact nature is unknown
CVE-2015-0458 (Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 ...)
- openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
More information about the Secure-testing-commits
mailing list