[Git][security-tracker-team/security-tracker][master] new java issues

Moritz Muehlenhoff Wed, 16 Jan 2019 08:18:36 -0800

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6703a1c2 by Moritz Muehlenhoff at 2019-01-16T16:17:25Z
new java issues
jpeg9 issues also affect jpeg-turbo

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9764,6 +9764,7 @@ CVE-2019-2541
        RESERVED
 CVE-2019-2540
        RESERVED
+       NOT-FOR-US: Java Advanced Management Console
 CVE-2019-2539
        RESERVED
 CVE-2019-2538
@@ -9946,6 +9947,7 @@ CVE-2019-2450
        RESERVED
 CVE-2019-2449
        RESERVED
+       - openjdk-8 <not-affected> (Deployment components not part of OpenJDK, 
only present in Oracle Java)
 CVE-2019-2448
        RESERVED
 CVE-2019-2447
@@ -9992,6 +9994,9 @@ CVE-2019-2427
        RESERVED
 CVE-2019-2426
        RESERVED
+       - openjdk-7 <not-affected> (Specific to Java on Windows)
+       - openjdk-8 <not-affected> (Specific to Java on Windows)
+       - openjdk-11 <not-affected> (Specific to Java on Windows)
 CVE-2019-2425
        RESERVED
 CVE-2019-2424
@@ -10000,6 +10005,9 @@ CVE-2019-2423
        RESERVED
 CVE-2019-2422
        RESERVED
+       - openjdk-7 <unfixed>
+       - openjdk-8 <unfixed>
+       - openjdk-11 <unfixed>
 CVE-2019-2421
        RESERVED
 CVE-2019-2420
@@ -37992,10 +38000,16 @@ CVE-2018-11215
        RESERVED
 CVE-2018-11214 (An issue was discovered in libjpeg 9a. The get_text_rgb_row 
function in ...)
        - libjpeg9 1:9c-1 (low; bug #902176)
+       - libjpeg-turbo <unfixed>
+       NOTE: 
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91
 CVE-2018-11213 (An issue was discovered in libjpeg 9a. The get_text_gray_row 
function ...)
        - libjpeg9 1:9c-1 (low; bug #902176)
+       - libjpeg-turbo <unfixed>
+       NOTE: 
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/6709e4a0cfa44d4f54ee8ad05753d4aa9260cb91
 CVE-2018-11212 (An issue was discovered in libjpeg 9a. The alloc_sarray 
function in ...)
        - libjpeg9 1:9c-1 (low; bug #902176)
+       - libjpeg-turbo <unfixed>
+       NOTE: 
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/82923eb93a2eacf4a593e00e3e672bbb86a8a3a0
 CVE-2018-11211
        RESERVED
 CVE-2018-11210 (TinyXML2 6.2.0 has a heap-based buffer over-read in the ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6703a1c2825047fa9f0066efaf47b172c3ea4c12

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6703a1c2825047fa9f0066efaf47b172c3ea4c12
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] new java issues

Reply via email to