[Git][security-tracker-team/security-tracker][master] Reference Debian bugs as reported for various CVEs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
01c88b5b by Salvatore Bonaccorso at 2024-10-21T21:53:01+02:00
Reference Debian bugs as reported for various CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2219,7 +2219,7 @@ CVE-2024-21237 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
 CVE-2024-21236 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.40-1 (bug #1085294)
 CVE-2024-21235 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
-	- openjdk-8 <unfixed>
+	- openjdk-8 <unfixed> (bug #1085696)
 	- openjdk-11 11.0.25+9-1
 	- openjdk-17 17.0.13+11-1
 	- openjdk-21 21.0.5+11-1
@@ -2239,7 +2239,7 @@ CVE-2024-21219 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
 CVE-2024-21218 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.40-1 (bug #1085294)
 CVE-2024-21217 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
-	- openjdk-8 <unfixed>
+	- openjdk-8 <unfixed> (bug #1085696)
 	- openjdk-11 11.0.25+9-1
 	- openjdk-17 17.0.13+11-1
 	- openjdk-21 21.0.5+11-1
@@ -2257,7 +2257,7 @@ CVE-2024-21212 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
 CVE-2024-21211 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
 	- openjdk-23 23.0.1+11-1
 CVE-2024-21210 (Vulnerability in Oracle Java SE (component: Hotspot).  Supported versi ...)
-	- openjdk-8 <unfixed>
+	- openjdk-8 <unfixed> (bug #1085696)
 	- openjdk-11 11.0.25+9-1
 	- openjdk-17 17.0.13+11-1
 	- openjdk-21 21.0.5+11-1
@@ -2265,7 +2265,7 @@ CVE-2024-21210 (Vulnerability in Oracle Java SE (component: Hotspot).  Supported
 CVE-2024-21209 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Only affects 8.4 and later)
 CVE-2024-21208 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
-	- openjdk-8 <unfixed>
+	- openjdk-8 <unfixed> (bug #1085696)
 	- openjdk-11 11.0.25+9-1
 	- openjdk-17 17.0.13+11-1
 	- openjdk-21 21.0.5+11-1
@@ -2404,12 +2404,12 @@ CVE-2024-8184 (There exists a security vulnerability in Jetty's ThreadLimitHandl
 CVE-2024-7847 (VULNERABILITY DETAILS  Rockwell Automation used the latest versions of ...)
 	NOT-FOR-US: Rockwell Automation
 CVE-2024-6763 (Eclipse Jetty is a lightweight, highly scalable, Java-based web server ...)
-	- jetty9 <unfixed>
+	- jetty9 <unfixed> (bug #1085698)
 	- jetty <removed>
 	NOTE: https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh
 	NOTE: https://github.com/jetty/jetty.project/pull/12012
 CVE-2024-6762 (Jetty PushSessionCacheFilter can be exploited by unauthenticated users ...)
-	- jetty9 <unfixed>
+	- jetty9 <unfixed> (bug #1085697)
 	- jetty <removed>
 	NOTE: https://github.com/jetty/jetty.project/security/advisories/GHSA-r7m4-f9h5-gr79
 	NOTE: https://github.com/jetty/jetty.project/pull/9715



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01c88b5bfc2ee78d8d40a8e44f04c6c52c0df21a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01c88b5bfc2ee78d8d40a8e44f04c6c52c0df21a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241021/6f4343f3/attachment.htm>