[Secure-testing-commits] r35663 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jul 24 04:58:38 UTC 2015
Author: carnil
Date: 2015-07-24 04:58:38 +0000 (Fri, 24 Jul 2015)
New Revision: 35663
Modified:
data/CVE/list
Log:
Add first set of CVEs mentioned in changelog for fixed version
NOTE: For reviewers, just added the CVEs mentioned in the changelog, but
there are still issues for openjdk-7 as unfixed. Please double-check if
this is complete.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-07-23 22:53:34 UTC (rev 35662)
+++ data/CVE/list 2015-07-24 04:58:38 UTC (rev 35663)
@@ -1984,7 +1984,7 @@
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
CVE-2015-4760 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 ...)
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
- icu 52.1-10
NOTE: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/3f9845510b47
@@ -2024,13 +2024,13 @@
TODO: check
CVE-2015-4749 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; ...)
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of Java."
CVE-2015-4748 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; ...)
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of Java."
@@ -2069,19 +2069,19 @@
RESERVED
CVE-2015-4733 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
CVE-2015-4732 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
CVE-2015-4731 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java ...)
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
@@ -3985,7 +3985,7 @@
- openssl <unfixed>
- nss <unfixed>
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: CVE assigned specific to vulnerability in the TLS protocol that was
NOTE: disclosed in section 3.2 of the
@@ -7448,7 +7448,7 @@
NOTE: This CVE is specific to the design of the RC4 protocol and not to its
NOTE: implementations.
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of JSSE."
@@ -8123,7 +8123,7 @@
RESERVED
CVE-2015-2632 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 ...)
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
@@ -8135,7 +8135,7 @@
TODO: check
CVE-2015-2628 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
@@ -8147,7 +8147,7 @@
TODO: check
CVE-2015-2625 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; ...)
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of JSSE."
@@ -8159,7 +8159,7 @@
TODO: check
CVE-2015-2621 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
@@ -8187,7 +8187,7 @@
TODO: check
CVE-2015-2613 (Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE ...)
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of Java."
@@ -8218,7 +8218,7 @@
TODO: check
CVE-2015-2601 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, ...)
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client and server deployment of Java."
@@ -8249,7 +8249,7 @@
TODO: check
CVE-2015-2590 (Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and ...)
- openjdk-6 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 7u79-2.5.6-1
- openjdk-8 <unfixed>
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixJAVA
NOTE: "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
More information about the Secure-testing-commits
mailing list