[Git][security-tracker-team/security-tracker][master] openjdk-11

Moritz Muehlenhoff Thu, 22 Oct 2020 07:36:01 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a79c74dd by Moritz Muehlenhoff at 2020-10-22T16:35:30+02:00
openjdk-11
buster triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -4218,10 +4218,12 @@ CVE-2020-25649
        RESERVED
        {DLA-2406-1}
        - jackson-databind 2.11.1-1
+       [buster] - jackson-databind <no-dsa> (Minor issue)
        NOTE: https://github.com/FasterXML/jackson-databind/issues/2589
        NOTE: 
https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59
 (jackson-databind-2.11.0.rc1)
 CVE-2020-25648 (A flaw was found in the way NSS handled CCS (ChangeCipherSpec) 
message ...)
        - nss 2:3.58-1
+       [buster] - nss <no-dsa> (Minor issue)
        NOTE: 
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes
        NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1641480 (private)
        NOTE: Fixed by: 
https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361
@@ -27151,7 +27153,7 @@ CVE-2020-14805 (Vulnerability in the Oracle E-Business 
Suite Secure Enterprise S
 CVE-2020-14804 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 <unfixed>
 CVE-2020-14803 (Vulnerability in the Java SE product of Oracle Java SE 
(component: Lib ...)
-       - openjdk-15 <unfixed>
+       - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
 CVE-2020-14802 (Vulnerability in the PeopleSoft Enterprise PeopleTools product 
of Orac ...)
        NOT-FOR-US: Oracle
@@ -27162,15 +27164,15 @@ CVE-2020-14800 (Vulnerability in the MySQL Server 
product of Oracle MySQL (compo
 CVE-2020-14799 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 <unfixed>
 CVE-2020-14798 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
-       - openjdk-15 <unfixed>
+       - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
 CVE-2020-14797 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
-       - openjdk-15 <unfixed>
+       - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
 CVE-2020-14796 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
-       - openjdk-15 <unfixed>
+       - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
 CVE-2020-14795 (Vulnerability in the PeopleSoft Enterprise PeopleTools product 
of Orac ...)
@@ -27181,7 +27183,7 @@ CVE-2020-14793 (Vulnerability in the MySQL Server 
product of Oracle MySQL (compo
        - mysql-5.7 <unfixed>
        - mysql-8.0 <unfixed>
 CVE-2020-14792 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
-       - openjdk-15 <unfixed>
+       - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
 CVE-2020-14791 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
@@ -27205,17 +27207,17 @@ CVE-2020-14784 (Vulnerability in the Oracle BI 
Publisher product of Oracle Fusio
 CVE-2020-14783 (Vulnerability in the Oracle Hospitality RES 3700 product of 
Oracle Foo ...)
        NOT-FOR-US: Oracle
 CVE-2020-14782 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
-       - openjdk-15 <unfixed>
+       - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
 CVE-2020-14781 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
-       - openjdk-15 <unfixed>
+       - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
 CVE-2020-14780 (Vulnerability in the BI Publisher product of Oracle Fusion 
Middleware  ...)
        NOT-FOR-US: Oracle
 CVE-2020-14779 (Vulnerability in the Java SE, Java SE Embedded product of 
Oracle Java  ...)
-       - openjdk-15 <unfixed>
+       - openjdk-15 15.0.1+9-1
        - openjdk-11 11.0.9+11-1
        - openjdk-8 <unfixed>
 CVE-2020-14778 (Vulnerability in the PeopleSoft Enterprise HCM Global Payroll 
Core pro ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -29,6 +29,8 @@ openjdk-11 (jmm)
 --
 pdns-recursor
 --
+thunderbird (jmm)
+--
 xcftools
   Hugo proposed to work on this update
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a79c74dd246826a5d4ae76c7cf97f37abd3d509e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a79c74dd246826a5d4ae76c7cf97f37abd3d509e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] openjdk-11

Reply via email to