Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: a79c74dd by Moritz Muehlenhoff at 2020-10-22T16:35:30+02:00 openjdk-11 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -4218,10 +4218,12 @@ CVE-2020-25649 RESERVED {DLA-2406-1} - jackson-databind 2.11.1-1 + [buster] - jackson-databind <no-dsa> (Minor issue) NOTE: https://github.com/FasterXML/jackson-databind/issues/2589 NOTE: https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59 (jackson-databind-2.11.0.rc1) CVE-2020-25648 (A flaw was found in the way NSS handled CCS (ChangeCipherSpec) message ...) - nss 2:3.58-1 + [buster] - nss <no-dsa> (Minor issue) NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1641480 (private) NOTE: Fixed by: https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361 @@ -27151,7 +27153,7 @@ CVE-2020-14805 (Vulnerability in the Oracle E-Business Suite Secure Enterprise S CVE-2020-14804 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 <unfixed> CVE-2020-14803 (Vulnerability in the Java SE product of Oracle Java SE (component: Lib ...) - - openjdk-15 <unfixed> + - openjdk-15 15.0.1+9-1 - openjdk-11 11.0.9+11-1 CVE-2020-14802 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) NOT-FOR-US: Oracle @@ -27162,15 +27164,15 @@ CVE-2020-14800 (Vulnerability in the MySQL Server product of Oracle MySQL (compo CVE-2020-14799 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 <unfixed> CVE-2020-14798 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...) - - openjdk-15 <unfixed> + - openjdk-15 15.0.1+9-1 - openjdk-11 11.0.9+11-1 - openjdk-8 <unfixed> CVE-2020-14797 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...) - - openjdk-15 <unfixed> + - openjdk-15 15.0.1+9-1 - openjdk-11 11.0.9+11-1 - openjdk-8 <unfixed> CVE-2020-14796 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...) - - openjdk-15 <unfixed> + - openjdk-15 15.0.1+9-1 - openjdk-11 11.0.9+11-1 - openjdk-8 <unfixed> CVE-2020-14795 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) @@ -27181,7 +27183,7 @@ CVE-2020-14793 (Vulnerability in the MySQL Server product of Oracle MySQL (compo - mysql-5.7 <unfixed> - mysql-8.0 <unfixed> CVE-2020-14792 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...) - - openjdk-15 <unfixed> + - openjdk-15 15.0.1+9-1 - openjdk-11 11.0.9+11-1 - openjdk-8 <unfixed> CVE-2020-14791 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) @@ -27205,17 +27207,17 @@ CVE-2020-14784 (Vulnerability in the Oracle BI Publisher product of Oracle Fusio CVE-2020-14783 (Vulnerability in the Oracle Hospitality RES 3700 product of Oracle Foo ...) NOT-FOR-US: Oracle CVE-2020-14782 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...) - - openjdk-15 <unfixed> + - openjdk-15 15.0.1+9-1 - openjdk-11 11.0.9+11-1 - openjdk-8 <unfixed> CVE-2020-14781 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...) - - openjdk-15 <unfixed> + - openjdk-15 15.0.1+9-1 - openjdk-11 11.0.9+11-1 - openjdk-8 <unfixed> CVE-2020-14780 (Vulnerability in the BI Publisher product of Oracle Fusion Middleware ...) NOT-FOR-US: Oracle CVE-2020-14779 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...) - - openjdk-15 <unfixed> + - openjdk-15 15.0.1+9-1 - openjdk-11 11.0.9+11-1 - openjdk-8 <unfixed> CVE-2020-14778 (Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core pro ...) ===================================== data/dsa-needed.txt ===================================== @@ -29,6 +29,8 @@ openjdk-11 (jmm) -- pdns-recursor -- +thunderbird (jmm) +-- xcftools Hugo proposed to work on this update -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a79c74dd246826a5d4ae76c7cf97f37abd3d509e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a79c74dd246826a5d4ae76c7cf97f37abd3d509e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits