[Git][security-tracker-team/security-tracker][master] add openjdk advisories for last four Java CPUs

Tue Feb 18 13:34:55 GMT 2025


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9685dc60 by Moritz Muehlenhoff at 2025-02-18T14:33:35+01:00
add openjdk advisories for last four Java CPUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7102,6 +7102,7 @@ CVE-2025-21502 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 	- openjdk-11 11.0.26+4-1
 	- openjdk-17 17.0.14+7-1
 	- openjdk-21 21.0.6+7-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2025-01-21
 CVE-2025-21501 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.41-1 (bug #1093877)
 CVE-2025-21500 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
@@ -37178,6 +37179,7 @@ CVE-2024-21235 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 	- openjdk-17 17.0.13+11-1
 	- openjdk-21 21.0.5+11-1
 	- openjdk-23 23.0.1+11-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-10-15
 CVE-2024-21234 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	NOT-FOR-US: Oracle
 CVE-2024-21233 (Vulnerability in the Oracle Database Core component of Oracle Database ...)
@@ -37199,6 +37201,7 @@ CVE-2024-21217 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 	- openjdk-17 17.0.13+11-1
 	- openjdk-21 21.0.5+11-1
 	- openjdk-23 23.0.1+11-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-10-15
 CVE-2024-21216 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	NOT-FOR-US: Oracle
 CVE-2024-21215 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
@@ -37218,6 +37221,7 @@ CVE-2024-21210 (Vulnerability in Oracle Java SE (component: Hotspot).  Supported
 	- openjdk-17 17.0.13+11-1
 	- openjdk-21 21.0.5+11-1
 	- openjdk-23 23.0.1+11-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-10-15
 CVE-2024-21209 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Only affects 8.4 and later)
 CVE-2024-21208 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
@@ -37227,6 +37231,7 @@ CVE-2024-21208 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 	- openjdk-17 17.0.13+11-1
 	- openjdk-21 21.0.5+11-1
 	- openjdk-23 23.0.1+11-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-10-15
 CVE-2024-21207 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.39-1
 CVE-2024-21206 (Vulnerability in the Oracle Enterprise Command Center Framework produc ...)
@@ -57356,6 +57361,7 @@ CVE-2024-21147 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 	- openjdk-11 11.0.24+8-1
 	- openjdk-17 17.0.12+7-1
 	- openjdk-21 21.0.3+9-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-07-16
 CVE-2024-21146 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...)
 	NOT-FOR-US: Oracle
 CVE-2024-21145 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
@@ -57364,10 +57370,12 @@ CVE-2024-21145 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 	- openjdk-11 11.0.24+8-1
 	- openjdk-17 17.0.12+7-1
 	- openjdk-21 21.0.3+9-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-07-16
 CVE-2024-21144 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
 	{DSA-5736-1}
 	- openjdk-8 8u422-b05-1
 	- openjdk-11 11.0.24+8-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-07-16
 CVE-2024-21143 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
 	NOT-FOR-US: Oracle
 CVE-2024-21142 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
@@ -57380,6 +57388,7 @@ CVE-2024-21140 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 	- openjdk-11 11.0.24+8-1
 	- openjdk-17 17.0.12+7-1
 	- openjdk-21 21.0.3+9-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-07-16
 CVE-2024-21139 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
 	NOT-FOR-US: Oracle
 CVE-2024-21138 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
@@ -57388,6 +57397,7 @@ CVE-2024-21138 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 	- openjdk-11 11.0.24+8-1
 	- openjdk-17 17.0.12+7-1
 	- openjdk-21 21.0.3+9-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-07-16
 CVE-2024-21137 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.36-1
 CVE-2024-21136 (Vulnerability in the Oracle Retail Xstore Office product of Oracle Ret ...)
@@ -57406,6 +57416,7 @@ CVE-2024-21131 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 	- openjdk-11 11.0.24+8-1
 	- openjdk-17 17.0.12+7-1
 	- openjdk-21 21.0.3+9-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-07-16
 CVE-2024-21130 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 8.0.38-1
 CVE-2024-21129 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
@@ -87396,6 +87407,7 @@ CVE-2024-21094 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 	- openjdk-17 17.0.11+9-1
 	- openjdk-21 21.0.3+9-1
 	NOTE: https://bugs.openjdk.org/browse/JDK-8317507
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-07-16
 CVE-2024-21093 (Vulnerability in the Java VM component of Oracle Database Server.  Sup ...)
 	NOT-FOR-US: Oracle
 CVE-2024-21092 (Vulnerability in the Oracle Agile Product Lifecycle Management for Pro ...)
@@ -87416,6 +87428,7 @@ CVE-2024-21085 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E
 	{DSA-5671-1 DLA-3793-1}
 	- openjdk-8 8u412-ga-1 (bug #1069678)
 	- openjdk-11 11.0.23+9-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-07-16
 CVE-2024-21084 (Vulnerability in the Oracle BI Publisher product of Oracle Analytics ( ...)
 	NOT-FOR-US: Oracle
 CVE-2024-21083 (Vulnerability in the Oracle BI Publisher product of Oracle Analytics ( ...)
@@ -87454,6 +87467,7 @@ CVE-2024-21068 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 	- openjdk-11 11.0.23+9-1
 	- openjdk-17 17.0.11+9-1
 	- openjdk-21 21.0.3+9-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-07-16
 CVE-2024-21067 (Vulnerability in the Oracle Enterprise Manager Base Platform product o ...)
 	NOT-FOR-US: Oracle
 CVE-2024-21066 (Vulnerability in the RDBMS component of Oracle Database Server.  Suppo ...)
@@ -87569,12 +87583,14 @@ CVE-2024-21012 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 	- openjdk-11 11.0.23+9-1
 	- openjdk-17 17.0.11+9-1
 	- openjdk-21 21.0.3+9-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-07-16
 CVE-2024-21011 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
 	{DSA-5672-1 DSA-5671-1 DLA-3793-1}
 	- openjdk-8 8u412-ga-1 (bug #1069678)
 	- openjdk-11 11.0.23+9-1
 	- openjdk-17 17.0.11+9-1
 	- openjdk-21 21.0.3+9-1
+	NOTE: https://openjdk.org/groups/vulnerability/advisories/2024-07-16
 CVE-2024-21010 (Vulnerability in the Oracle Hospitality Simphony product of Oracle Foo ...)
 	NOT-FOR-US: Oracle
 CVE-2024-21009 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9685dc60e8dcfde1b05520636870386722315017

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9685dc60e8dcfde1b05520636870386722315017
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250218/cea63a48/attachment-0001.htm>
