[Git][security-tracker-team/security-tracker][master] lts: triage openjdk-11 issues as postponed

Emilio Pozuelo Monfort (@pochu) pochu at debian.org
Mon Oct 24 09:17:49 BST 2022



Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ed903dd2 by Emilio Pozuelo Monfort at 2022-10-24T10:17:26+02:00
lts: triage openjdk-11 issues as postponed

We follow upstream releases for OpenJDK, and thus follow stable.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -10348,6 +10348,7 @@ CVE-2022-39400 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
 CVE-2022-39399 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
 	- openjdk-11 11.0.17+8-1
 	[bullseye] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
+	[buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
 	- openjdk-17 17.0.5+8-1
 	[bullseye] - openjdk-17 <postponed> (Minor issue, fix along with next CPU)
 CVE-2022-39398
@@ -69154,6 +69155,7 @@ CVE-2022-21628 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E
 	- openjdk-8 8u352-ga-1
 	- openjdk-11 11.0.17+8-1
 	[bullseye] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
+	[buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
 	- openjdk-17 17.0.5+8-1
 	[bullseye] - openjdk-17 <postponed> (Minor issue, fix along with next CPU)
 CVE-2022-21627 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
@@ -69163,12 +69165,14 @@ CVE-2022-21626 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E
 	- openjdk-8 8u352-ga-1
 	- openjdk-11 11.0.17+8-1
 	[bullseye] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
+	[buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
 CVE-2022-21625 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 CVE-2022-21624 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
 	- openjdk-8 8u352-ga-1
 	- openjdk-11 11.0.17+8-1
 	[bullseye] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
+	[buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
 	- openjdk-17 17.0.5+8-1
 	[bullseye] - openjdk-17 <postponed> (Minor issue, fix along with next CPU)
 CVE-2022-21623 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
@@ -69185,6 +69189,7 @@ CVE-2022-21619 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E
 	- openjdk-8 8u352-ga-1
 	- openjdk-11 11.0.17+8-1
 	[bullseye] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
+	[buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
 	- openjdk-17 <unfixed>
 	[bullseye] - openjdk-17 <postponed> (Minor issue, fix along with next CPU)
 CVE-2022-21618 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)


=====================================
data/dla-needed.txt
=====================================
@@ -122,8 +122,6 @@ openexr
   NOTE: 20220904: Programming language: C++.
   NOTE: 20220904: Should be synced with Stretch. (apo)
 --
-openjdk-11 (Emilio)
---
 openvswitch (Thorsten Alteholz)
   NOTE: 20220911: No known patch for this problem.
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed903dd2a86c9d06d01331e693638f93db6072fb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed903dd2a86c9d06d01331e693638f93db6072fb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221024/1dbd4cbc/attachment.htm>


More information about the debian-security-tracker-commits mailing list