[Git][security-tracker-team/security-tracker][master] new Java issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Apr 19 15:44:17 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3d6c8d99 by Moritz Muehlenhoff at 2023-04-19T16:43:51+02:00
new Java issues

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -28230,7 +28230,7 @@ CVE-2023-21988 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virt
 CVE-2023-21987 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	TODO: check
 CVE-2023-21986 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
-	TODO: check
+	NOT-FOR-US: GraalVM
 CVE-2023-21985 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
 	TODO: check
 CVE-2023-21984 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
@@ -28266,9 +28266,13 @@ CVE-2023-21970 (Vulnerability in the Oracle BI Publisher product of Oracle Analy
 CVE-2023-21969 (Vulnerability in Oracle SQL Developer (component: Installation). Suppo ...)
 	TODO: check
 CVE-2023-21968 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
 CVE-2023-21967 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
 CVE-2023-21966 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	TODO: check
 CVE-2023-21965 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
@@ -28294,7 +28298,9 @@ CVE-2023-21956 (Vulnerability in the Oracle WebLogic Server product of Oracle Fu
 CVE-2023-21955 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	TODO: check
 CVE-2023-21954 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
 CVE-2023-21953 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	TODO: check
 CVE-2023-21952 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
@@ -28324,11 +28330,17 @@ CVE-2023-21941 (Vulnerability in the Oracle BI Publisher product of Oracle Analy
 CVE-2023-21940 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	TODO: check
 CVE-2023-21939 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
 CVE-2023-21938 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
 CVE-2023-21937 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
 CVE-2023-21936 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle  ...)
 	TODO: check
 CVE-2023-21935 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
@@ -28342,7 +28354,9 @@ CVE-2023-21932 (Vulnerability in the Oracle Hospitality OPERA 5 Property Service
 CVE-2023-21931 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	TODO: check
 CVE-2023-21930 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
 CVE-2023-21929 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	TODO: check
 CVE-2023-21928 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -30,6 +30,10 @@ netatalk
 --
 nodejs (aron)
 --
+openjdk-11 (jmm)
+--
+openjdk-17 (jmm)
+--
 php-cas
 --
 php-horde-mime-viewer



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d6c8d99d1d3e24c26da4c27b3bcf63ad58bde5e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d6c8d99d1d3e24c26da4c27b3bcf63ad58bde5e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230419/c927d7fb/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list