[Git][security-tracker-team/security-tracker][master] new Java issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Apr 16 15:16:30 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5fb98371 by Moritz Muehlenhoff at 2025-04-16T16:16:09+02:00
new Java issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -173,7 +173,11 @@ CVE-2025-30700 (Vulnerability in the Oracle Solaris product of Oracle Systems (c
 CVE-2025-30699 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 CVE-2025-30698 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
+	- openjdk-21 <unfixed>
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2025-04-15
 CVE-2025-30697 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
 	NOT-FOR-US: Oracle
 CVE-2025-30696 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
@@ -187,7 +191,11 @@ CVE-2025-30693 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
 CVE-2025-30692 (Vulnerability in the Oracle iSupplier Portal product of Oracle E-Busin ...)
 	NOT-FOR-US: Oracle
 CVE-2025-30691 (Vulnerability in Oracle Java SE (component: Compiler).  Supported vers ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
+	- openjdk-21 <unfixed>
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2025-04-15
 CVE-2025-30690 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
 	NOT-FOR-US: Oracle
 CVE-2025-30689 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
@@ -323,7 +331,11 @@ CVE-2025-22263 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2025-21588 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Only affects 8.4 and later)
 CVE-2025-21587 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
+	- openjdk-21 <unfixed>
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2025-04-15
 CVE-2025-21586 (Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle  ...)
 	NOT-FOR-US: Oracle
 CVE-2025-21585 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fb98371e66dfe6647cea590d7b7a9d2309b9f4a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fb98371e66dfe6647cea590d7b7a9d2309b9f4a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250416/80e767b6/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list