[Git][security-tracker-team/security-tracker][master] Reserve DLA-4173-1 for openjdk-17

Emilio Pozuelo Monfort (@pochu) pochu at debian.org
Tue May 20 08:44:12 BST 2025 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ff3fac1b by Emilio Pozuelo Monfort at 2025-05-20T09:43:48+02:00
Reserve DLA-4173-1 for openjdk-17

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[20 May 2025] DLA-4173-1 openjdk-17 - security update
+	{CVE-2025-21587 CVE-2025-30691 CVE-2025-30698}
+	[bullseye] - openjdk-17 17.0.15+6-1~deb11u1
 [20 May 2025] DLA-4172-1 firefox-esr - security update
 	{CVE-2025-4083 CVE-2025-4087 CVE-2025-4091 CVE-2025-4093 CVE-2025-4918 CVE-2025-4919}
 	[bullseye] - firefox-esr 128.10.1esr-1~deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -298,14 +298,6 @@ openjdk-11 (Emilio)
   NOTE: 20250429: Suggested to also handle openjdk-17. (lamby)
   NOTE: 20250503: Coordinating w/ tg. (roberto)
 --
-openjdk-17 (Emilio)
-  NOTE: 20250429: Added by Front-Desk (lamby)
-  NOTE: 20250429: NB. limited support in buster(lamby)
-  NOTE: 20250429: Suggested to also handle openjdk-11. (lamby)
-  NOTE: 20250430: jmm cautions: "Please make sure to only release an update once the Bookworm update is out (will be released this weekend [2025-05-02]), otherwise there'll be update woes if Bullseye has a higher version than Bookworm." (lamby)
-  NOTE: 20250501: ^ DSA released; DLA can proceed. (lamby)
-  NOTE: 20250503: Coordinating w/ tg. (roberto)
---
 openssl
   NOTE: 20250519: Added by Front-Desk (Beuc)
   NOTE: 20250519: Follow fixes from bookworm 12.11 (CVE-2024-13176) (Beuc/front-desk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff3fac1b4ff63baff9651e29f23f0c1a2a23307d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff3fac1b4ff63baff9651e29f23f0c1a2a23307d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250520/d0dbbc04/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list