[Git][security-tracker-team/security-tracker][master] Reserve DLA-4346-1 for openjdk-11

Emilio Pozuelo Monfort (@pochu) pochu at debian.org
Sat Oct 25 20:12:18 BST 2025 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
774ed5d4 by Emilio Pozuelo Monfort at 2025-10-25T21:12:06+02:00
Reserve DLA-4346-1 for openjdk-11

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -27984,7 +27984,7 @@ CVE-2025-8738 (A vulnerability has been found in zlt2000 microservices-platform
 CVE-2025-8737 (A vulnerability, which was classified as problematic, was found in zlt ...)
 	NOT-FOR-US: zlt2000 microservices-platform
 CVE-2025-8736 (A vulnerability, which was classified as critical, has been found in G ...)
-	- cflow <unfixed>  (unimportant)
+	- cflow <unfixed> (unimportant)
 	NOTE: https://lists.gnu.org/archive/html/bug-cflow/2025-07/msg00001.html
 	NOTE: Crash in CLI tool, no security impact
 CVE-2025-8735 (A vulnerability classified as problematic was found in GNU cflow up to ...)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[25 Oct 2025] DLA-4346-1 openjdk-11 - security update
+	{CVE-2025-53057 CVE-2025-53066}
+	[bullseye] - openjdk-11 11.0.29+6-1~deb11u1
 [25 Oct 2025] DLA-4345-1 openjdk-17 - security update
 	{CVE-2025-53057 CVE-2025-53066}
 	[bullseye] - openjdk-17 17.0.17+10-1~deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -265,9 +265,6 @@ opencryptoki
   NOTE: 20250505: https://github.com/opencryptoki/opencryptoki/issues/731#issuecomment-1851436555
   NOTE: 20250505: Cf. #1104729 to determine whether to fix or ignore this in all dists (Beuc/front-desk)
 --
-openjdk-11 (Emilio)
-  NOTE: 20251023: Added by Front-Desk (pochu)
---
 p7zip
   NOTE: 20251020: Added by Front-Desk (dleidert)
   NOTE: 20251020: I disagree with the low-severity ratings; but finding the patches might be a hard (dleidert/front-desk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/774ed5d43c3fc8afc2b5f1ff5c03c733d8a17006

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/774ed5d43c3fc8afc2b5f1ff5c03c733d8a17006
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251025/29440371/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list