[Git][security-tracker-team/security-tracker][master] openjdk-17, RT5 fixed in sid

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e3ce7920 by Moritz Muehlenhoff at 2022-07-21T09:45:59+02:00
openjdk-17, RT5 fixed in sid
new chromium issues (also fixed in sid)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -110,14 +110,24 @@ CVE-2022-2482
 	RESERVED
 CVE-2022-2481
 	RESERVED
+	- chromium 103.0.5060.134-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-2480
 	RESERVED
+	- chromium 103.0.5060.134-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-2479
 	RESERVED
+	- chromium 103.0.5060.134-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-2478
 	RESERVED
+	- chromium 103.0.5060.134-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-2477
 	RESERVED
+	- chromium 103.0.5060.134-1
+	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-36305 (Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS)  ...)
 	NOT-FOR-US: Vesta
 CVE-2022-36304 (Vesta v1.0.0-5 was discovered to contain a cross-site scripting (XSS)  ...)
@@ -5435,7 +5445,7 @@ CVE-2022-2166
 CVE-2022-34169 (The Apache Xalan Java XSLT library is vulnerable to an integer truncat ...)
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.16+8-1
-	- openjdk-17 <unfixed>
+	- openjdk-17 17.0.4+8-1
 	- libxalan2-java <unfixed>
 CVE-2022-34168
 	RESERVED
@@ -29105,10 +29115,10 @@ CVE-2022-25805 (An issue was discovered in the IGEL Universal Management Suite (
 CVE-2022-25804 (An issue was discovered in the IGEL Universal Management Suite (UMS) 6 ...)
 	NOT-FOR-US: IGEL UMS
 CVE-2022-25803 (Best Practical Request Tracker (RT) before 5.0.3 has an Open Redirect  ...)
-	- request-tracker5 <unfixed>
+	- request-tracker5 5.0.3+dfsg-1
 CVE-2022-25802 (Best Practical Request Tracker (RT) before 4.4.6 and 5.x before 5.0.3  ...)
 	{DSA-5181-1}
-	- request-tracker5 <unfixed>
+	- request-tracker5 5.0.3+dfsg-1
 	- request-tracker4 4.4.6+dfsg-1
 CVE-2022-25801 (Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x be ...)
 	TODO: check
@@ -49622,7 +49632,7 @@ CVE-2022-21551 (Vulnerability in Oracle GoldenGate (component: Oracle GoldenGate
 CVE-2022-21550 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
 	NOT-FOR-US: MySQL Cluster
 CVE-2022-21549 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	- openjdk-17 <unfixed>
+	- openjdk-17 17.0.4+8-1
 CVE-2022-21548 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	TODO: check
 CVE-2022-21547 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
@@ -49640,11 +49650,11 @@ CVE-2022-21542 (Vulnerability in the JD Edwards EnterpriseOne Tools product of O
 CVE-2022-21541 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.16+8-1
-	- openjdk-17 <unfixed>
+	- openjdk-17 17.0.4+8-1
 CVE-2022-21540 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.16+8-1
-	- openjdk-17 <unfixed>
+	- openjdk-17 17.0.4+8-1
 CVE-2022-21539 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 CVE-2022-21538 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3ce7920c94e637adbc54e73c64ff1d620b40a64

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3ce7920c94e637adbc54e73c64ff1d620b40a64
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220721/7d75f620/attachment.htm>