[Secure-testing-commits] r31567 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Wed Jan 21 06:44:36 UTC 2015
Author: jmm
Date: 2015-01-21 06:44:36 +0000 (Wed, 21 Jan 2015)
New Revision: 31567
Modified:
data/CVE/list
Log:
new openjdk issues
new icu issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-21 05:57:58 UTC (rev 31566)
+++ data/CVE/list 2015-01-21 06:44:36 UTC (rev 31567)
@@ -2536,6 +2536,7 @@
RESERVED
CVE-2015-0437
RESERVED
+ - openjdk-8 <unfixed>
CVE-2015-0436
RESERVED
CVE-2015-0435
@@ -2573,6 +2574,7 @@
RESERVED
CVE-2015-0421
RESERVED
+ - openjdk-8 <unfixed>
CVE-2015-0420
RESERVED
CVE-2015-0419
@@ -2589,8 +2591,14 @@
RESERVED
CVE-2015-0413
RESERVED
+ - openjdk-7 <undetermined>
+ - openjdk-8 <undetermined>
+ NOTE: Likely specific to Oracle Java, wait a bit until more details come up
CVE-2015-0412
RESERVED
+ - openjdk-6 <unfixed>
+ - openjdk-7 <unfixed>
+ - openjdk-8 <unfixed>
CVE-2015-0411
RESERVED
- mysql-5.5 <unfixed> (bug #775881)
@@ -2600,6 +2608,9 @@
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
CVE-2015-0410
RESERVED
+ - openjdk-6 <unfixed>
+ - openjdk-7 <unfixed>
+ - openjdk-8 <unfixed>
CVE-2015-0409
RESERVED
- mysql-5.5 <not-affected> (Only MySQL 5.6)
@@ -2609,22 +2620,37 @@
NOTE: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
CVE-2015-0408
RESERVED
+ - openjdk-6 <unfixed>
+ - openjdk-7 <unfixed>
+ - openjdk-8 <unfixed>
CVE-2015-0407
RESERVED
+ - openjdk-6 <unfixed>
+ - openjdk-7 <unfixed>
+ - openjdk-8 <unfixed>
CVE-2015-0406
RESERVED
+ - openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
+ - openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
+ - openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2015-0405
RESERVED
CVE-2015-0404
RESERVED
CVE-2015-0403
RESERVED
+ - openjdk-6 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
+ - openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
+ - openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2015-0402
RESERVED
CVE-2015-0401
RESERVED
CVE-2015-0400
RESERVED
+ - openjdk-6 <not-affected> (This only affects Java on Windows)
+ - openjdk-7 <not-affected> (This only affects Java on Windows)
+ - openjdk-8 <not-affected> (This only affects Java on Windows)
CVE-2015-0399
RESERVED
CVE-2015-0398
@@ -2635,6 +2661,9 @@
RESERVED
CVE-2015-0395
RESERVED
+ - openjdk-6 <unfixed>
+ - openjdk-7 <unfixed>
+ - openjdk-8 <unfixed>
CVE-2015-0394
RESERVED
CVE-2015-0393
@@ -2670,6 +2699,9 @@
RESERVED
CVE-2015-0383
RESERVED
+ - openjdk-6 <unfixed>
+ - openjdk-7 <unfixed>
+ - openjdk-8 <unfixed>
CVE-2015-0382
RESERVED
- mysql-5.5 <unfixed> (bug #775881)
@@ -10391,6 +10423,9 @@
NOT-FOR-US: M/Monit
CVE-2014-6601
RESERVED
+ - openjdk-6 <unfixed>
+ - openjdk-7 <unfixed>
+ - openjdk-8 <unfixed>
CVE-2014-6600
RESERVED
CVE-2014-6599
@@ -10407,10 +10442,17 @@
RESERVED
CVE-2014-6593
RESERVED
+ - openjdk-6 <unfixed>
+ - openjdk-7 <unfixed>
+ - openjdk-8 <unfixed>
CVE-2014-6592
RESERVED
CVE-2014-6591
RESERVED
+ - openjdk-6 <unfixed>
+ - openjdk-7 <unfixed>
+ - openjdk-8 <unfixed>
+ - icu
CVE-2014-6590
RESERVED
CVE-2014-6589
@@ -10419,10 +10461,17 @@
RESERVED
CVE-2014-6587
RESERVED
+ - openjdk-6 <unfixed>
+ - openjdk-7 <unfixed>
+ - openjdk-8 <unfixed>
CVE-2014-6586
RESERVED
CVE-2014-6585
RESERVED
+ - openjdk-6 <unfixed>
+ - openjdk-7 <unfixed>
+ - openjdk-8 <unfixed>
+ - icu <unfixed>
CVE-2014-6584
RESERVED
CVE-2014-6583
@@ -10517,6 +10566,7 @@
NOT-FOR-US: Oracle
CVE-2014-6549
RESERVED
+ - openjdk-8 <unfixed>
CVE-2014-6548
RESERVED
CVE-2014-6547 (Unspecified vulnerability in the JPublisher component in Oracle ...)
@@ -17898,11 +17948,7 @@
[squeeze] - nss <no-dsa> (Upstream doesn't plan to disable SSLv3, stick with that)
[wheezy] - nss <no-dsa> (Upstream doesn't plan to disable SSLv3, stick with that)
- openjdk-6 <unfixed>
- [squeeze] - openjdk-6 <no-dsa> (Upstream doesn't plan to disable SSLv3, stick with that)
- [wheezy] - openjdk-6 <no-dsa> (Upstream doesn't plan to disable SSLv3, stick with that)
- openjdk-7 <unfixed>
- [wheezy] - openjdk-7 <no-dsa> (Upstream doesn't plan to disable SSLv3, stick with that)
- [jessie] - openjdk-7 <no-dsa> (Upstream doesn't plan to disable SSLv3, stick with that)
- openjdk-8 <unfixed>
- polarssl 1.3.9-2
[wheezy] - polarssl <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list