[Git][security-tracker-team/security-tracker][master] 2 commits: Track some issues as fixed in Oracle CPU April 2021 update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 19 20:17:27 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
07e18372 by Salvatore Bonaccorso at 2022-05-19T21:16:26+02:00
Track some issues as fixed in Oracle CPU April 2021 update
- - - - -
3b0c37be by Salvatore Bonaccorso at 2022-05-19T21:16:55+02:00
Mark two CVEs as not-affected because fixed before initial upload to Debian
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101084,28 +101084,28 @@ CVE-2021-2310 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtu
CVE-2021-2309 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.20-dfsg-1
CVE-2021-2308 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2307 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <removed>
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2306 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.20-dfsg-1
CVE-2021-2305 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2304 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2303 (Vulnerability in the OSS Support Tools product of Oracle Support Tools ...)
NOT-FOR-US: Oracle
CVE-2021-2302 (Vulnerability in the Oracle Platform Security for Java product of Orac ...)
NOT-FOR-US: Oracle
CVE-2021-2301 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2300 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2299 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2298 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2297 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.20-dfsg-1
CVE-2021-2296 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
@@ -101115,7 +101115,7 @@ CVE-2021-2295 (Vulnerability in the Oracle Concurrent Processing product of Orac
CVE-2021-2294 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
NOT-FOR-US: Oracle
CVE-2021-2293 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2292 (Vulnerability in the Oracle Document Management and Collaboration prod ...)
NOT-FOR-US: Oracle
CVE-2021-2291 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
@@ -101145,7 +101145,7 @@ CVE-2021-2280 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtu
CVE-2021-2279 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.20-dfsg-1
CVE-2021-2278 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2277 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
NOT-FOR-US: Oracle
CVE-2021-2276 (Vulnerability in the Oracle iSetup product of Oracle E-Business Suite ...)
@@ -101238,11 +101238,11 @@ CVE-2021-2234 (Vulnerability in the Java VM component of Oracle Database Server.
CVE-2021-2233 (Vulnerability in the Oracle Enterprise Asset Management product of Ora ...)
NOT-FOR-US: Oracle
CVE-2021-2232 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2231 (Vulnerability in the Oracle Installed Base product of Oracle E-Busines ...)
NOT-FOR-US: Oracle
CVE-2021-2230 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2229 (Vulnerability in the Oracle Depot Repair product of Oracle E-Business ...)
NOT-FOR-US: Oracle
CVE-2021-2228 (Vulnerability in the Oracle Incentive Compensation product of Oracle E ...)
@@ -101251,7 +101251,7 @@ CVE-2021-2227 (Vulnerability in the Oracle Cash Management product of Oracle E-B
NOT-FOR-US: Oracle
CVE-2021-2226 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <removed>
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2225 (Vulnerability in the Oracle E-Business Intelligence product of Oracle ...)
NOT-FOR-US: Oracle
CVE-2021-2224 (Vulnerability in the Oracle Compensation Workbench product of Oracle E ...)
@@ -101269,17 +101269,17 @@ CVE-2021-2219 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of
CVE-2021-2218 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of O ...)
NOT-FOR-US: Oracle
CVE-2021-2217 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2216 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
NOT-FOR-US: Oracle
CVE-2021-2215 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2214 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
NOT-FOR-US: Oracle
CVE-2021-2213 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2212 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2211 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
NOT-FOR-US: Oracle
CVE-2021-2210 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
@@ -101287,7 +101287,7 @@ CVE-2021-2210 (Vulnerability in the Oracle Trade Management product of Oracle E-
CVE-2021-2209 (Vulnerability in the Oracle Email Center product of Oracle E-Business ...)
NOT-FOR-US: Oracle
CVE-2021-2208 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2207 (Vulnerability in the Oracle Database - Enterprise Edition component of ...)
NOT-FOR-US: Oracle
CVE-2021-2206 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
@@ -101297,12 +101297,12 @@ CVE-2021-2205 (Vulnerability in the Oracle Marketing product of Oracle E-Busines
CVE-2021-2204 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
NOT-FOR-US: Oracle
CVE-2021-2203 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2202 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <removed>
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2201 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2200 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
NOT-FOR-US: Oracle
CVE-2021-2199 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...)
@@ -101312,7 +101312,7 @@ CVE-2021-2198 (Vulnerability in the Oracle Knowledge Management product of Oracl
CVE-2021-2197 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...)
NOT-FOR-US: Oracle
CVE-2021-2196 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2195 (Vulnerability in the Oracle Partner Management product of Oracle E-Bus ...)
NOT-FOR-US: Oracle
CVE-2021-2194 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
@@ -101320,10 +101320,10 @@ CVE-2021-2194 (Vulnerability in the MySQL Server product of Oracle MySQL (compon
- mariadb-10.3 <removed>
[buster] - mariadb-10.3 1:10.3.27-0+deb10u1
- mysql-5.7 <removed>
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
NOTE: Fixed in MariaDB 10.5.7, 10.4.16, 10.3.26, 10.2.35
CVE-2021-2193 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2192 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
NOT-FOR-US: Oracle
CVE-2021-2191 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
@@ -101350,13 +101350,13 @@ CVE-2021-2181 (Vulnerability in the Oracle Document Management and Collaboration
NOT-FOR-US: Oracle
CVE-2021-2180 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <removed>
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2179 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <removed>
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2178 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <removed>
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2177 (Vulnerability in the Oracle Secure Global Desktop product of Oracle Vi ...)
NOT-FOR-US: Oracle
CVE-2021-2176
@@ -101365,19 +101365,19 @@ CVE-2021-2175 (Vulnerability in the Database Vault component of Oracle Database
NOT-FOR-US: Oracle
CVE-2021-2174 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <removed>
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2173 (Vulnerability in the Recovery component of Oracle Database Server. Sup ...)
NOT-FOR-US: Oracle
CVE-2021-2172 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2171 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <removed>
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2170 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2169 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <removed>
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2168
RESERVED
CVE-2021-2167 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
@@ -101386,13 +101386,13 @@ CVE-2021-2166 (Vulnerability in the MySQL Server product of Oracle MySQL (compon
- mariadb-10.5 1:10.5.10-1 (bug #988428)
- mariadb-10.3 <removed>
[buster] - mariadb-10.3 1:10.3.29-0+deb10u1
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
- mysql-5.7 <removed>
NOTE: Fixed in MariaDB 10.5.10, 10.4.19, 10.3.29, 10.2.38
CVE-2021-2165
RESERVED
CVE-2021-2164 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2163 (Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterpr ...)
{DSA-4899-1 DLA-2634-1}
- openjdk-17 17~19-1
@@ -101402,14 +101402,14 @@ CVE-2021-2163 (Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM En
NOTE: OpenJDK-8: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/412d2b1381a4
CVE-2021-2162 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <removed>
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
CVE-2021-2161 (Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterpr ...)
- openjdk-17 <not-affected> (Windows-specific)
- openjdk-11 <not-affected> (Windows-specific)
- openjdk-8 <not-affected> (Windows-specific)
CVE-2021-2160 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- mysql-5.7 <removed>
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 <not-affected> (Fixed before initial upload to Debian)
CVE-2021-2159 (Vulnerability in the PeopleSoft Enterprise CS Campus Community product ...)
NOT-FOR-US: Oracle
CVE-2021-2158 (Vulnerability in the Hyperion Financial Management product of Oracle H ...)
@@ -101441,12 +101441,12 @@ CVE-2021-2148
CVE-2021-2147 (Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracl ...)
NOT-FOR-US: Oracle
CVE-2021-2146 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 8.0.28-1 (bug #987325)
- mysql-5.7 <removed>
CVE-2021-2145 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox 6.1.20-dfsg-1
CVE-2021-2144 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...)
- - mysql-8.0 8.0.29-1 (bug #987325)
+ - mysql-8.0 <not-affected> (Fixed before initial upload to Debian)
- mysql-5.7 <removed>
CVE-2021-2143
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a67821674692780ca4abce039f4967c84d79dabc...3b0c37be8c74071471f321934b0feaafc8f327f2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a67821674692780ca4abce039f4967c84d79dabc...3b0c37be8c74071471f321934b0feaafc8f327f2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220519/0ef5f253/attachment.htm>
More information about the debian-security-tracker-commits
mailing list