Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bd175d00 by Moritz Muehlenhoff at 2026-01-21T10:28:22+01:00
new Java issues
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -98,11 +98,15 @@ CVE-2026-21949 (Vulnerability in the MySQL Server product
of Oracle MySQL (compo
CVE-2026-21948 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
TODO: check
CVE-2026-21947 (Vulnerability in Oracle Java SE (component: JavaFX).
Supported versio ...)
- TODO: check
+ - openjfx <not-affected> (Only affects JavaFX 8)
CVE-2026-21946 (Vulnerability in the JD Edwards EnterpriseOne Tools product of
Oracle ...)
NOT-FOR-US: Oracle
CVE-2026-21945 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK,
Oracle Gr ...)
- TODO: check
+ - openjdk-8 <unfixed>
+ - openjdk-11 <unfixed>
+ - openjdk-17 <unfixed>
+ - openjdk-21 <unfixed>
+ - openjdk-25 <unfixed>
CVE-2026-21944 (Vulnerability in the Oracle Agile Product Lifecycle Management
for Pro ...)
TODO: check
CVE-2026-21943 (Vulnerability in the Oracle Scripting product of Oracle
E-Business Sui ...)
@@ -126,9 +130,17 @@ CVE-2026-21935 (Vulnerability in the Oracle Solaris
product of Oracle Systems (c
CVE-2026-21934 (Vulnerability in the PeopleSoft Enterprise PeopleTools product
of Orac ...)
NOT-FOR-US: Oracle
CVE-2026-21933 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK,
Oracle Gr ...)
- TODO: check
+ - openjdk-8 <unfixed>
+ - openjdk-11 <unfixed>
+ - openjdk-17 <unfixed>
+ - openjdk-21 <unfixed>
+ - openjdk-25 <unfixed>
CVE-2026-21932 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK,
Oracle Gr ...)
- TODO: check
+ - openjdk-8 <unfixed>
+ - openjdk-11 <unfixed>
+ - openjdk-17 <unfixed>
+ - openjdk-21 <unfixed>
+ - openjdk-25 <unfixed>
CVE-2026-21931 (Vulnerability in the Oracle APEX Sample Applications product
of Oracle ...)
TODO: check
CVE-2026-21930 (Vulnerability in the Oracle ZFS Storage Appliance Kit product
of Oracl ...)
@@ -142,7 +154,11 @@ CVE-2026-21927 (Vulnerability in the Oracle Solaris
product of Oracle Systems (c
CVE-2026-21926 (Vulnerability in the Siebel CRM Deployment product of Oracle
Siebel CR ...)
TODO: check
CVE-2026-21925 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK,
Oracle Gr ...)
- TODO: check
+ - openjdk-8 <unfixed>
+ - openjdk-11 <unfixed>
+ - openjdk-17 <unfixed>
+ - openjdk-21 <unfixed>
+ - openjdk-25 <unfixed>
CVE-2026-21924 (Vulnerability in the Oracle Utilities Application Framework
product of ...)
TODO: check
CVE-2026-21923 (Vulnerability in the Oracle Life Sciences Central Designer
product of ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -49,6 +49,10 @@ node-tar
--
nodejs
--
+openjdk-17 (jmm)
+--
+openjdk-21/stable (jmm)
+--
opennds/oldstable
pinged maintainer, but no reply yet. should most probably be bumped to 10.x
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd175d00366328e3cde7eb180f782a09f3f4ef4d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd175d00366328e3cde7eb180f782a09f3f4ef4d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
