[Secure-testing-commits] r41045 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Apr 21 18:04:24 UTC 2016
Author: carnil
Date: 2016-04-21 18:04:24 +0000 (Thu, 21 Apr 2016)
New Revision: 41045
Modified:
data/CVE/list
Log:
openjdk-7 removed from unstable, only maintained in experimental
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-04-21 17:57:21 UTC (rev 41044)
+++ data/CVE/list 2016-04-21 18:04:24 UTC (rev 41045)
@@ -1582,7 +1582,7 @@
CVE-2016-3443
RESERVED
- openjdk-8 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 <removed>
- openjdk-6 <removed>
CVE-2016-3442
RESERVED
@@ -1619,17 +1619,17 @@
CVE-2016-3427
RESERVED
- openjdk-8 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 <removed>
- openjdk-6 <removed>
CVE-2016-3426
RESERVED
- openjdk-8 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 <removed>
- openjdk-6 <removed>
CVE-2016-3425
RESERVED
- openjdk-8 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 <removed>
- openjdk-6 <removed>
CVE-2016-3424
RESERVED
@@ -1638,7 +1638,7 @@
CVE-2016-3422
RESERVED
- openjdk-8 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 <removed>
- openjdk-6 <removed>
CVE-2016-3421
RESERVED
@@ -10541,7 +10541,7 @@
CVE-2016-0695
RESERVED
- openjdk-8 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 <removed>
- openjdk-6 <removed>
CVE-2016-0694
RESERVED
@@ -10564,12 +10564,12 @@
CVE-2016-0687
RESERVED
- openjdk-8 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 <removed>
- openjdk-6 <removed>
CVE-2016-0686
RESERVED
- openjdk-8 <unfixed>
- - openjdk-7 <unfixed>
+ - openjdk-7 <removed>
- openjdk-6 <removed>
CVE-2016-0685
RESERVED
@@ -10776,7 +10776,7 @@
CVE-2016-0636 (Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 ...)
- openjdk-8 8u77-b03-1
[experimental] - openjdk-7 7u95-2.6.4-3
- - openjdk-7 <unfixed>
+ - openjdk-7 <removed>
- openjdk-6 <removed>
NOTE: http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html
NOTE: https://blogs.oracle.com/security/entry/security_alert_cve_2016_0636
@@ -85634,7 +85634,7 @@
- openjdk-6 <removed> (low)
[squeeze] - openjdk-6 <no-dsa> (Minor issue, no icedtea fix, too complex to backport)
[wheezy] - openjdk-6 <no-dsa> (Minor issue, no icedtea fix, too complex to backport)
- - openjdk-7 <unfixed> (low)
+ - openjdk-7 <removed> (low)
[wheezy] - openjdk-7 <no-dsa> (Minor issue, no icedtea fix, too complex to backport)
[jessie] - openjdk-7 <no-dsa> (Minor issue, no icedtea fix, too complex to backport)
CVE-2012-5372 (Rubinius computes hash values without properly restricting the ability ...)
@@ -92751,7 +92751,7 @@
NOT-FOR-US: phplist
CVE-2012-2739 (Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 ...)
- openjdk-6 <removed> (unimportant)
- - openjdk-7 <unfixed> (unimportant)
+ - openjdk-7 <removed> (unimportant)
NOTE: Upstream disputes this and states it needs to be fixed in Java apps itself
NOTE: http://mail.openjdk.java.net/pipermail/core-libs-dev/2012-May/010238.html
NOTE: http://armoredbarista.blogspot.de/2012/02/investigating-hashdos-issue.html
More information about the Secure-testing-commits
mailing list