[Git][security-tracker-team/security-tracker][master] 2 commits: Track openjdk-8 fixes via unstable

Salvatore Bonaccorso carnil at debian.org
Sun Oct 21 22:39:59 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3b660f05 by Salvatore Bonaccorso at 2018-10-21T21:38:48Z
Track openjdk-8 fixes via unstable

- - - - -
aae411d2 by Salvatore Bonaccorso at 2018-10-21T21:39:08Z
Add todo item for CVE-2018-3211/openjdk-8

Upload to unstable for openjdk-8/8u181-b13-2 claims to adress this
issue, which is marked not-affected to be specific to Oracle Java.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41585,7 +41585,7 @@ CVE-2018-3215 (Vulnerability in the Oracle Endeca Information Discovery Integrat
 	NOT-FOR-US: Oracle
 CVE-2018-3214 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
 	- openjdk-7 <unfixed>
-	- openjdk-8 <unfixed>
+	- openjdk-8 8u181-b13-2
 CVE-2018-3213 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
 	NOT-FOR-US: Oracle
 CVE-2018-3212 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
@@ -41594,6 +41594,7 @@ CVE-2018-3212 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
 CVE-2018-3211 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
 	- openjdk-8 <not-affected> (Specific to Oracle Java)
+	TODO: reckeck, maintainer claims fixed in openjdk-8/8u181-b13-2 and affecting openjdk-8
 CVE-2018-3210 (Vulnerability in the Oracle GlassFish Server component of Oracle ...)
 	NOT-FOR-US: Oracle
 CVE-2018-3209 (Vulnerability in the Java SE component of Oracle Java SE ...)
@@ -41662,7 +41663,7 @@ CVE-2018-3185 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 CVE-2018-3184 (Vulnerability in the Hyperion BI+ component of Oracle Hyperion ...)
 	NOT-FOR-US: Oracle
 CVE-2018-3183 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
-	- openjdk-8 <unfixed>
+	- openjdk-8 8u181-b13-2
 	- openjdk-10 10.0.2+13-2
 CVE-2018-3182 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	- mysql-5.7 <not-affected> (Only affects MySQL 8)
@@ -41672,7 +41673,7 @@ CVE-2018-3181 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property
 	NOT-FOR-US: Oracle
 CVE-2018-3180 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
 	- openjdk-7 <unfixed>
-	- openjdk-8 <unfixed>
+	- openjdk-8 8u181-b13-2
 	- openjdk-10 10.0.2+13-2
 	- openjdk-11 11.0.1+13-1
 CVE-2018-3179 (Vulnerability in the Oracle Identity Manager component of Oracle ...)
@@ -41705,7 +41706,7 @@ CVE-2018-3170 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
 CVE-2018-3169 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
 	- openjdk-7 <unfixed>
-	- openjdk-8 <unfixed>
+	- openjdk-8 8u181-b13-2
 	- openjdk-10 10.0.2+13-2
 	- openjdk-11 11.0.1+13-1
 CVE-2018-3168 (Vulnerability in the Oracle Identity Analytics component of Oracle ...)
@@ -41757,7 +41758,7 @@ CVE-2018-3150 (Vulnerability in the Java SE component of Oracle Java SE ...)
 	- openjdk-11 11.0.1+13-1
 CVE-2018-3149 (Vulnerability in the Java SE, Java SE Embedded, JRockit component of ...)
 	- openjdk-7 <unfixed>
-	- openjdk-8 <unfixed>
+	- openjdk-8 8u181-b13-2
 	- openjdk-10 10.0.2+13-2
 	- openjdk-11 11.0.1+13-1
 CVE-2018-3148 (Vulnerability in the Primavera Unifier component of Oracle ...)
@@ -41786,7 +41787,7 @@ CVE-2018-3140 (Vulnerability in the Hyperion Essbase Administration Services ...
 	NOT-FOR-US: Oracle
 CVE-2018-3139 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
 	- openjdk-7 <unfixed>
-	- openjdk-8 <unfixed>
+	- openjdk-8 8u181-b13-2
 	- openjdk-10 10.0.2+13-2
 	- openjdk-11 11.0.1+13-1
 CVE-2018-3138 (Vulnerability in the Oracle Application Object Library component of ...)
@@ -41797,7 +41798,7 @@ CVE-2018-3137 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
 CVE-2018-3136 (Vulnerability in the Java SE, Java SE Embedded component of Oracle ...)
 	- openjdk-7 <unfixed>
-	- openjdk-8 <unfixed>
+	- openjdk-8 8u181-b13-2
 	- openjdk-10 10.0.2+13-2
 	- openjdk-11 11.0.1+13-1
 CVE-2018-3135 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/cf25dc8c8a6dbb89009fb094e95dc0a94345a222...aae411d2dc95c6451e4a9097ce6123db29412a9a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/cf25dc8c8a6dbb89009fb094e95dc0a94345a222...aae411d2dc95c6451e4a9097ce6123db29412a9a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181021/36437470/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list