[Secure-testing-commits] r58201 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Dec 1 23:09:19 UTC 2017 

Author: carnil
Date: 2017-12-01 23:09:19 +0000 (Fri, 01 Dec 2017)
New Revision: 58201

Modified:
   data/CVE/list
Log:
Add fixed version for 19 mysql-5.7 CVEs

Note: CVE-2017-3731 is mentioned both in upstream and changelog, but the
CVE is for openssl, so not added it to the tracker for mysql-5.7.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-01 22:59:55 UTC (rev 58200)
+++ data/CVE/list	2017-12-01 23:09:19 UTC (rev 58201)
@@ -22091,7 +22091,7 @@
 	- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
 CVE-2017-10384 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	{DSA-4002-1 DLA-1141-1}
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <removed> (bug #878402)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10383 (Vulnerability in the Oracle Hospitality Guest Access component of ...)
@@ -22104,7 +22104,7 @@
 	NOT-FOR-US: Java Advanced Management Console
 CVE-2017-10379 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	{DSA-4002-1 DLA-1141-1}
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <removed> (bug #878402)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10378 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
@@ -22143,7 +22143,7 @@
 CVE-2017-10366 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10365 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10364 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
@@ -22287,7 +22287,7 @@
 CVE-2017-10321 (Vulnerability in the Core RDBMS component of Oracle Database Server. ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10320 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10319 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle ...)
@@ -22301,17 +22301,17 @@
 CVE-2017-10315 (Vulnerability in the Siebel UI Framework component of Oracle Siebel ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10314 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10313 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10312 (Vulnerability in the Oracle Hyperion BI+ component of Oracle Hyperion ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10311 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10310 (Vulnerability in the Oracle Hyperion Financial Reporting component of ...)
@@ -22344,7 +22344,7 @@
 CVE-2017-10297
 	RESERVED
 CVE-2017-10296 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10295 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
@@ -22356,7 +22356,7 @@
 	- openjdk-6 <removed>
 	[wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10294 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10293 (Vulnerability in the Java SE component of Oracle Java SE ...)
@@ -22376,7 +22376,7 @@
 CVE-2017-10287 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10286 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10285 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
@@ -22388,11 +22388,11 @@
 	- openjdk-6 <removed>
 	[wheezy] - openjdk-6 <end-of-life>
 CVE-2017-10284 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10283 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10282
@@ -22408,7 +22408,7 @@
 CVE-2017-10280 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10279 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10278 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion ...)
@@ -22417,7 +22417,7 @@
 	- mysql-connector-net <unfixed>
 	[wheezy] - mysql-connector-net <no-dsa> (Minor issue)
 CVE-2017-10276 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10275 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of ...)
@@ -22446,7 +22446,7 @@
 	[stretch] - mariadb-10.1 <postponed> (Minor issue)
 	- mariadb-10.0 <removed>
 	[jessie] - mariadb-10.0 <postponed> (Minor issue)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <removed> (bug #878402)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10267 (Vulnerability in the Oracle Tuxedo component of Oracle Fusion ...)
@@ -22553,7 +22553,7 @@
 CVE-2017-10228 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10227 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10226 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
@@ -22695,13 +22695,13 @@
 CVE-2017-10168 (Vulnerability in the Hospitality Hotel Mobile component of Oracle ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10167 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10166 (Vulnerability in the Oracle Security Service component of Oracle ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10165 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10164 (Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle ...)
@@ -22723,7 +22723,7 @@
 CVE-2017-10156 (Vulnerability in the BI Publisher component of Oracle Fusion ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10155 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
-	- mysql-5.7 <unfixed> (bug #878398)
+	- mysql-5.7 5.7.20-1 (bug #878398)
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10154 (Vulnerability in the Oracle Access Manager component of Oracle Fusion ...)

More information about the Secure-testing-commits mailing list