[Git][security-tracker-team/security-tracker][master] new openjdk issues

Moritz Muehlenhoff jmm at debian.org
Wed Oct 17 09:41:48 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ce6d28d6 by Moritz Muehlenhoff at 2018-10-17T08:40:56Z
new openjdk issues

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -41276,7 +41276,8 @@ CVE-2018-3216
 CVE-2018-3215 (Vulnerability in the Oracle Endeca Information Discovery Integrator ...)
 	TODO: check
 CVE-2018-3214 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
-	TODO: check
+	- openjdk-7 <unfixed>
+	- openjdk-8 <unfixed>
 CVE-2018-3213 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
 	TODO: check
 CVE-2018-3212 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
@@ -41284,7 +41285,7 @@ CVE-2018-3212 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.5 <not-affected> (Only affects MySQL 8)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
 CVE-2018-3211 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
-	TODO: check
+	- openjdk-8 <unfixed>
 CVE-2018-3210 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
 	TODO: check
 CVE-2018-3209 (Vulnerability in the Java SE component of Oracle Java SE ...)
@@ -41352,7 +41353,7 @@ CVE-2018-3185 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 CVE-2018-3184 (Vulnerability in the Hyperion BI+ component of Oracle Hyperion ...)
 	TODO: check
 CVE-2018-3183 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
-	TODO: check
+	- openjdk-8 <unfixed>
 CVE-2018-3182 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
 	- mysql-5.5 <not-affected> (Only affects MySQL 8)
@@ -41360,7 +41361,9 @@ CVE-2018-3182 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 CVE-2018-3181 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property ...)
 	TODO: check
 CVE-2018-3180 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
-	TODO: check
+	- openjdk-7 <unfixed>
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
 CVE-2018-3179 (Vulnerability in the Oracle Identity Manager component of Oracle ...)
 	TODO: check
 CVE-2018-3178 (Vulnerability in the Hyperion Common Events component of Oracle ...)
@@ -41390,7 +41393,9 @@ CVE-2018-3170 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.5 <not-affected> (Only affects MySQL 8)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
 CVE-2018-3169 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
-	TODO: check
+	- openjdk-7 <unfixed>
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
 CVE-2018-3168 (Vulnerability in the Oracle Identity Analytics component of Oracle ...)
 	TODO: check
 CVE-2018-3167 (Vulnerability in the Application Management Pack for Oracle E-Business ...)
@@ -41418,7 +41423,7 @@ CVE-2018-3159 (Vulnerability in the Oracle Hospitality Cruise Fleet Management .
 CVE-2018-3158 (Vulnerability in the Oracle Hospitality Cruise Fleet Management ...)
 	TODO: check
 CVE-2018-3157 (Vulnerability in the Java SE component of Oracle Java SE ...)
-	TODO: check
+	- openjdk-11 <unfixed>
 CVE-2018-3156 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <unfixed>
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6, MySQL 5.7 and MySQL 8)
@@ -41436,9 +41441,11 @@ CVE-2018-3152 (Vulnerability in the Oracle GlassFish Server component of Oracle
 CVE-2018-3151 (Vulnerability in the Oracle iProcurement component of Oracle ...)
 	TODO: check
 CVE-2018-3150 (Vulnerability in the Java SE component of Oracle Java SE ...)
-	TODO: check
+	- openjdk-11 <unfixed>
 CVE-2018-3149 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
-	TODO: check
+	- openjdk-7 <unfixed>
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
 CVE-2018-3148 (Vulnerability in the Primavera Unifier component of Oracle ...)
 	TODO: check
 CVE-2018-3147 (Vulnerability in the Oracle Outside In Technology component of Oracle ...)
@@ -41464,7 +41471,9 @@ CVE-2018-3141 (Vulnerability in the Hyperion Essbase Administration Services ...
 CVE-2018-3140 (Vulnerability in the Hyperion Essbase Administration Services ...)
 	TODO: check
 CVE-2018-3139 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
-	TODO: check
+	- openjdk-7 <unfixed>
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
 CVE-2018-3138 (Vulnerability in the Oracle Application Object Library component of ...)
 	TODO: check
 CVE-2018-3137 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
@@ -41472,7 +41481,9 @@ CVE-2018-3137 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.5 <not-affected> (Only affects MySQL 8)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
 CVE-2018-3136 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
-	TODO: check
+	- openjdk-7 <unfixed>
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
 CVE-2018-3135 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)
 	TODO: check
 CVE-2018-3134 (Vulnerability in the Oracle Agile Product Lifecycle Management for ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -55,6 +55,8 @@ mosquitto (seb)
 mupdf
   leaf package, might be a candidate for simply moving to 1.13 in stretch
 --
+openjdk-8 (jmm)
+--
 openjpeg2 (luciano)
 --
 passenger



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ce6d28d60f89633c0fa1336e92e9ee8c5130fa88

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ce6d28d60f89633c0fa1336e92e9ee8c5130fa88
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181017/e40c4692/attachment.html>

More information about the debian-security-tracker-commits mailing list