[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend rule for Eclipse

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed May 6 11:55:25 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
80190f9e by Moritz Muehlenhoff at 2026-05-06T12:55:01+02:00
auto-nfu: Extend rule for Eclipse

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -356,11 +356,11 @@ CVE-2026-7832 (A security flaw has been discovered in IObit Advanced SystemCare
 CVE-2026-7778 (An issue that could allow a dashboard configuration to be viewed from  ...)
 	NOT-FOR-US: runZero
 CVE-2026-7412 (In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, ...)
-	TODO: check
+	NOT-FOR-US: Eclipse
 CVE-2026-7411 (In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, ...)
-	TODO: check
+	NOT-FOR-US: Eclipse
 CVE-2026-6918 (In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote a ...)
-	TODO: check
+	NOT-FOR-US: Eclipse
 CVE-2026-6322 (fast-uri normalize() decoded percent-encoded authority delimiters insi ...)
 	- node-ajv <unfixed>
 	NOTE: https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc


=====================================
data/packages/nfu.yaml
=====================================
@@ -425,6 +425,7 @@
   allOf:
     - cna: eclipse
     - anyOf:
+      - product: Eclipse BaSyx
       - product: Eclipse Cyclone DDS
       - product: Eclipse Glassfish
       - product: Eclipse KUKSA - Databroker
@@ -433,6 +434,7 @@
       - product: Eclipse ThreadX - USBX
       - product: Eclipse Vert.x
       - product: Eclipse OMR
+      - product: Eclipse OpenJ9
       - product: FileX
       - product: Jersey
       - product: NetX Duo



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80190f9e9fbe59d0203df631b4b03642546be56b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80190f9e9fbe59d0203df631b4b03642546be56b
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260506/d3cde48b/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list