Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
01c88b5b by Salvatore Bonaccorso at 2024-10-21T21:53:01+02:00
Reference Debian bugs as reported for various CVEs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2219,7 +2219,7 @@ CVE-2024-21237 (Vulnerability in the MySQL Server product
of Oracle MySQL (compo
CVE-2024-21236 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mysql-8.0 8.0.40-1 (bug #1085294)
CVE-2024-21235 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK,
Oracle Gr ...)
- - openjdk-8 <unfixed>
+ - openjdk-8 <unfixed> (bug #1085696)
- openjdk-11 11.0.25+9-1
- openjdk-17 17.0.13+11-1
- openjdk-21 21.0.5+11-1
@@ -2239,7 +2239,7 @@ CVE-2024-21219 (Vulnerability in the MySQL Server product
of Oracle MySQL (compo
CVE-2024-21218 (Vulnerability in the MySQL Server product of Oracle MySQL
(component: ...)
- mysql-8.0 8.0.40-1 (bug #1085294)
CVE-2024-21217 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK,
Oracle Gr ...)
- - openjdk-8 <unfixed>
+ - openjdk-8 <unfixed> (bug #1085696)
- openjdk-11 11.0.25+9-1
- openjdk-17 17.0.13+11-1
- openjdk-21 21.0.5+11-1
@@ -2257,7 +2257,7 @@ CVE-2024-21212 (Vulnerability in the MySQL Server product
of Oracle MySQL (compo
CVE-2024-21211 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK,
Oracle Gr ...)
- openjdk-23 23.0.1+11-1
CVE-2024-21210 (Vulnerability in Oracle Java SE (component: Hotspot).
Supported versi ...)
- - openjdk-8 <unfixed>
+ - openjdk-8 <unfixed> (bug #1085696)
- openjdk-11 11.0.25+9-1
- openjdk-17 17.0.13+11-1
- openjdk-21 21.0.5+11-1
@@ -2265,7 +2265,7 @@ CVE-2024-21210 (Vulnerability in Oracle Java SE
(component: Hotspot). Supported
CVE-2024-21209 (Vulnerability in the MySQL Client product of Oracle MySQL
(component: ...)
- mysql-8.0 <not-affected> (Only affects 8.4 and later)
CVE-2024-21208 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK,
Oracle Gr ...)
- - openjdk-8 <unfixed>
+ - openjdk-8 <unfixed> (bug #1085696)
- openjdk-11 11.0.25+9-1
- openjdk-17 17.0.13+11-1
- openjdk-21 21.0.5+11-1
@@ -2404,12 +2404,12 @@ CVE-2024-8184 (There exists a security vulnerability in
Jetty's ThreadLimitHandl
CVE-2024-7847 (VULNERABILITY DETAILS Rockwell Automation used the latest
versions of ...)
NOT-FOR-US: Rockwell Automation
CVE-2024-6763 (Eclipse Jetty is a lightweight, highly scalable, Java-based web
server ...)
- - jetty9 <unfixed>
+ - jetty9 <unfixed> (bug #1085698)
- jetty <removed>
NOTE:
https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh
NOTE: https://github.com/jetty/jetty.project/pull/12012
CVE-2024-6762 (Jetty PushSessionCacheFilter can be exploited by
unauthenticated users ...)
- - jetty9 <unfixed>
+ - jetty9 <unfixed> (bug #1085697)
- jetty <removed>
NOTE:
https://github.com/jetty/jetty.project/security/advisories/GHSA-r7m4-f9h5-gr79
NOTE: https://github.com/jetty/jetty.project/pull/9715
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01c88b5bfc2ee78d8d40a8e44f04c6c52c0df21a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01c88b5bfc2ee78d8d40a8e44f04c6c52c0df21a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
