[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Jan 21 10:12:27 GMT 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0a6662cc by Moritz Muehlenhoff at 2026-01-21T11:12:03+01:00
auto-nfu: Extend Oracle rule

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -56,17 +56,17 @@ CVE-2026-21973 (Vulnerability in the Oracle FLEXCUBE Investor Servicing product
 CVE-2026-21972 (Vulnerability in the Oracle Configurator product of Oracle E-Business  ...)
 	NOT-FOR-US: Oracle
 CVE-2026-21971 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of O ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2026-21970 (Vulnerability in the Oracle Life Sciences Central Designer product of  ...)
 	NOT-FOR-US: Oracle
 CVE-2026-21969 (Vulnerability in the Oracle Agile Product Lifecycle Management for Pro ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2026-21968 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	TODO: check
 CVE-2026-21967 (Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hosp ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2026-21966 (Vulnerability in the Oracle Hospitality OPERA 5 Property Services prod ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2026-21965 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	TODO: check
 CVE-2026-21964 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
@@ -76,9 +76,9 @@ CVE-2026-21963 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virt
 CVE-2026-21962 (Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy  ...)
 	TODO: check
 CVE-2026-21961 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources product ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2026-21960 (Vulnerability in the Oracle Applications DBA product of Oracle E-Busin ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2026-21959 (Vulnerability in the Oracle Workflow product of Oracle E-Business Suit ...)
 	NOT-FOR-US: Oracle
 CVE-2026-21957 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
@@ -108,7 +108,7 @@ CVE-2026-21945 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 	- openjdk-21 <unfixed>
 	- openjdk-25 <unfixed>
 CVE-2026-21944 (Vulnerability in the Oracle Agile Product Lifecycle Management for Pro ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2026-21943 (Vulnerability in the Oracle Scripting product of Oracle E-Business Sui ...)
 	NOT-FOR-US: Oracle
 CVE-2026-21942 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -494,8 +494,10 @@
       - product: Identity Manager
       - product: JD Edwards EnterpriseOne Tools
       - product: MySQL Cluster
+      - product: Oracle Agile Product Lifecycle Management for Process
       - product: Oracle Application Express
       - product: Oracle Application Object Library
+      - product: Oracle Applications DBA
       - product: Oracle Applications Framework
       - product: Oracle Applications Manager
       - product: Oracle Applications Technology Stack
@@ -514,6 +516,8 @@
       - product: Oracle Financial Services Analytical Applications Infrastructure
       - product: Oracle Financial Services Revenue Management and Billing
       - product: Oracle Health Sciences Data Management Workbench
+      - product: Oracle Hospitality OPERA 5
+      - product: Oracle Hospitality OPERA 5 Property Services
       - product: Oracle Hospitality Simphony
       - product: Oracle Hyperion Financial Reporting
       - product: Oracle Lease and Finance Management
@@ -544,9 +548,11 @@
       - product: PeopleSoft Enterprise FIN IT Asset Management
       - product: PeopleSoft Enterprise FIN Maintenance Management
       - product: PeopleSoft Enterprise FIN Payables
+      - product: PeopleSoft Enterprise HCM Human Resources
       - product: PeopleSoft Enterprise HCM Global Payroll Core
       - product: PeopleSoft Enterprise HCM Talent Acquisition Manager
       - product: PeopleSoft Enterprise PeopleTools
+      - product: PeopleSoft Enterprise SCM Purchasing
       - product: Primavera P6 Enterprise Project Portfolio Management
       - product: Siebel CRM End User
 - reason: SUSE



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a6662cc992516a80d6380e82aff472561ccd192

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a6662cc992516a80d6380e82aff472561ccd192
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260121/55514057/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list