[Git][security-tracker-team/security-tracker][master] openjdk-17,cinder,nova,glance DSAs

Moritz Muehlenhoff (@jmm) Wed, 01 Feb 2023 10:24:37 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ddfadbc4 by Moritz Mühlenhoff at 2023-02-01T19:23:47+01:00
openjdk-17,cinder,nova,glance DSAs

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -36094,7 +36094,6 @@ CVE-2022-39399 (Vulnerability in the Oracle Java SE, 
Oracle GraalVM Enterprise E
        - openjdk-11 11.0.17+8-1
        [buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
        - openjdk-17 17.0.5+8-1
-       [bullseye] - openjdk-17 <postponed> (Minor issue, fix along with next 
CPU)
 CVE-2022-39398 (tasklists is a tasklists plugin for GLPI (Kanban). Versions 
prior to 2 ...)
        NOT-FOR-US: GLPI plugin
 CVE-2022-39397 (aliyun-oss-client is a rust client for Alibaba Cloud OSS. 
Users of thi ...)
@@ -95440,7 +95439,6 @@ CVE-2022-21628 (Vulnerability in the Oracle Java SE, 
Oracle GraalVM Enterprise E
        - openjdk-11 11.0.17+8-1
        [buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
        - openjdk-17 17.0.5+8-1
-       [bullseye] - openjdk-17 <postponed> (Minor issue, fix along with next 
CPU)
 CVE-2022-21627 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
        - virtualbox 6.1.40-dfsg-1
        NOTE: 
https://www.oracle.com/security-alerts/cpuoct2022.html#AppendixOVIR
@@ -95457,7 +95455,6 @@ CVE-2022-21624 (Vulnerability in the Oracle Java SE, 
Oracle GraalVM Enterprise E
        - openjdk-11 11.0.17+8-1
        [buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
        - openjdk-17 17.0.5+8-1
-       [bullseye] - openjdk-17 <postponed> (Minor issue, fix along with next 
CPU)
 CVE-2022-21623 (Vulnerability in the Enterprise Manager Base Platform product 
of Oracl ...)
        NOT-FOR-US: Oracle
 CVE-2022-21622 (Vulnerability in the Oracle SOA Suite product of Oracle Fusion 
Middlew ...)
@@ -95474,10 +95471,8 @@ CVE-2022-21619 (Vulnerability in the Oracle Java SE, 
Oracle GraalVM Enterprise E
        - openjdk-11 11.0.17+8-1
        [buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU)
        - openjdk-17 17.0.5+8-1
-       [bullseye] - openjdk-17 <postponed> (Minor issue, fix along with next 
CPU)
 CVE-2022-21618 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
        - openjdk-17 17.0.5+8-1
-       [bullseye] - openjdk-17 <postponed> (Minor issue, fix along with next 
CPU)
 CVE-2022-21617 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 8.0.31-1 (bug #1024016)
 CVE-2022-21616 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,15 @@
+[01 Feb 2023] DSA-5338-1 cinder - security update
+       {CVE-2022-47951}
+       [bullseye] - cinder 2:17.0.1-1+deb11u1
+[01 Feb 2023] DSA-5337-1 nova - security update
+       {CVE-2022-47951}
+       [bullseye] - nova 2:22.0.1-2+deb11u1
+[01 Feb 2023] DSA-5336-1 glance - security update
+       {CVE-2022-47951}
+       [bullseye] - glance 2:21.0.0-2+deb11u1
+[01 Feb 2023] DSA-5335-1 openjdk-17 - security update
+       {CVE-2022-21618 CVE-2022-21619 CVE-2022-21624 CVE-2022-21628 
CVE-2022-39399 CVE-2023-21835 CVE-2023-21843}
+       [bullseye] - openjdk-17 17.0.6+10-1~deb11u1
 [29 Jan 2023] DSA-5334-1 varnish - security update
        {CVE-2022-45060}
        [bullseye] - varnish 6.5.1-1+deb11u3


=====================================
data/dsa-needed.txt
=====================================
@@ -11,13 +11,9 @@ To pick an issue, simply add your uid behind it.
 
 If needed, specify the release by adding a slash after the name of the source 
package.
 
---
-cinder (jmm)
 --
 frr
 --
-glance (jmm)
---
 jupyter-core
   Maintainer asked for availability to prepare updates
 --
@@ -32,13 +28,9 @@ linux (carnil)
 netatalk
   open regression with MacOS, tentative patch not yet merged upstream
 --
-nova (jmm)
---
 multipath-tools
   Tobias Frost proposed a potential update to be reviewed, maintainer asked to 
review changes
 --
-openjdk-17 (jmm)
---
 php-cas
 --
 php-horde-mime-viewer



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddfadbc4d1151cea776fa042f10f8e02f9d429ea

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddfadbc4d1151cea776fa042f10f8e02f9d429ea
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] openjdk-17,cinder,nova,glance DSAs

Reply via email to