[Git][security-tracker-team/security-tracker][master] initial batch of mysql issues

Moritz Muehlenhoff (@jmm) Wed, 22 Jan 2025 04:41:10 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
be07e8d4 by Moritz Muehlenhoff at 2025-01-22T13:40:41+01:00
initial batch of mysql issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31,7 +31,7 @@ CVE-2025-21568 (Vulnerability in the Oracle Hyperion Data 
Relationship Managemen
 CVE-2025-21567 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        TODO: check
 CVE-2025-21566 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <not-affected> (Specific to MySQL 9)
 CVE-2025-21565 (Vulnerability in the Oracle Agile PLM Framework product of 
Oracle Supp ...)
        NOT-FOR-US: Oracle
 CVE-2025-21564 (Vulnerability in the Oracle Agile PLM Framework product of 
Oracle Supp ...)
@@ -45,7 +45,7 @@ CVE-2025-21561 (Vulnerability in the PeopleSoft Enterprise 
SCM Purchasing produc
 CVE-2025-21560 (Vulnerability in the Oracle Agile PLM Framework product of 
Oracle Supp ...)
        NOT-FOR-US: Oracle
 CVE-2025-21559 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21558 (Vulnerability in the Primavera P6 Enterprise Project Portfolio 
Managem ...)
        NOT-FOR-US: Oracle
 CVE-2025-21557 (Vulnerability in Oracle Application Express (component: 
General).  Sup ...)
@@ -53,7 +53,7 @@ CVE-2025-21557 (Vulnerability in Oracle Application Express 
(component: General)
 CVE-2025-21556 (Vulnerability in the Oracle Agile PLM Framework product of 
Oracle Supp ...)
        NOT-FOR-US: Oracle
 CVE-2025-21555 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21554 (Vulnerability in the Oracle Communications Order and Service 
Managemen ...)
        NOT-FOR-US: Oracle
 CVE-2025-21553 (Vulnerability in the Java VM component of Oracle Database 
Server.  Sup ...)
@@ -77,13 +77,13 @@ CVE-2025-21545 (Vulnerability in the PeopleSoft Enterprise 
PeopleTools product o
 CVE-2025-21544 (Vulnerability in the Oracle Communications Order and Service 
Managemen ...)
        NOT-FOR-US: Oracle
 CVE-2025-21543 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21542 (Vulnerability in the Oracle Communications Order and Service 
Managemen ...)
        NOT-FOR-US: Oracle
 CVE-2025-21541 (Vulnerability in the Oracle Workflow product of Oracle 
E-Business Suit ...)
        NOT-FOR-US: Oracle
 CVE-2025-21540 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21539 (Vulnerability in the PeopleSoft Enterprise FIN eSettlements 
product of ...)
        NOT-FOR-US: Oracle
 CVE-2025-21538 (Vulnerability in the JD Edwards EnterpriseOne Tools product of 
Oracle  ...)
@@ -91,21 +91,21 @@ CVE-2025-21538 (Vulnerability in the JD Edwards 
EnterpriseOne Tools product of O
 CVE-2025-21537 (Vulnerability in the PeopleSoft Enterprise FIN Cash Management 
product ...)
        NOT-FOR-US: Oracle
 CVE-2025-21536 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 8.0.40-1
 CVE-2025-21535 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)
        NOT-FOR-US: Oracle
 CVE-2025-21534 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 8.0.40-1
 CVE-2025-21533 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
        - virtualbox <unfixed>
 CVE-2025-21532 (Vulnerability in the Oracle Analytics Desktop product of 
Oracle Analyt ...)
        NOT-FOR-US: Oracle
 CVE-2025-21531 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21530 (Vulnerability in the PeopleSoft Enterprise PeopleTools product 
of Orac ...)
        NOT-FOR-US: Oracle
 CVE-2025-21529 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21528 (Vulnerability in the Primavera P6 Enterprise Project Portfolio 
Managem ...)
        NOT-FOR-US: Oracle
 CVE-2025-21527 (Vulnerability in the JD Edwards EnterpriseOne Tools product of 
Oracle  ...)
@@ -113,21 +113,21 @@ CVE-2025-21527 (Vulnerability in the JD Edwards 
EnterpriseOne Tools product of O
 CVE-2025-21526 (Vulnerability in the Primavera P6 Enterprise Project Portfolio 
Managem ...)
        NOT-FOR-US: Oracle
 CVE-2025-21525 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 8.0.40-1
 CVE-2025-21524 (Vulnerability in the JD Edwards EnterpriseOne Tools product of 
Oracle  ...)
        NOT-FOR-US: Oracle
 CVE-2025-21523 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21522 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21521 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 8.0.40-1
 CVE-2025-21520 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        TODO: check
 CVE-2025-21519 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        TODO: check
 CVE-2025-21518 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21517 (Vulnerability in the JD Edwards EnterpriseOne Tools product of 
Oracle  ...)
        NOT-FOR-US: Oracle
 CVE-2025-21516 (Vulnerability in the Oracle Customer Care product of Oracle 
E-Business ...)
@@ -153,26 +153,26 @@ CVE-2025-21507 (Vulnerability in the JD Edwards 
EnterpriseOne Tools product of O
 CVE-2025-21506 (Vulnerability in the Oracle Project Foundation product of 
Oracle E-Bus ...)
        NOT-FOR-US: Oracle
 CVE-2025-21505 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21504 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 8.0.40-1
 CVE-2025-21503 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21502 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, 
Oracle Gr ...)
        - openjdk-8 <unfixed>
        - openjdk-11 11.0.26+4-1
        - openjdk-17 17.0.14+7-1
        - openjdk-21 21.0.6+7-1
 CVE-2025-21501 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21500 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21499 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <not-affected> (Only affects MySQL 8.4 and later)
 CVE-2025-21498 (Vulnerability in the Oracle HTTP Server product of Oracle 
Fusion Middl ...)
        NOT-FOR-US: Oracle
 CVE-2025-21497 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21495 (Vulnerability in the MySQL Enterprise Firewall product of 
Oracle MySQL ...)
        TODO: check
 CVE-2025-21494 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
@@ -180,11 +180,11 @@ CVE-2025-21494 (Vulnerability in the MySQL Server product 
of Oracle MySQL (compo
 CVE-2025-21493 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        TODO: check
 CVE-2025-21492 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 8.0.37-1
 CVE-2025-21491 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21490 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
-       TODO: check
+       - mysql-8.0 <unfixed>
 CVE-2025-21489 (Vulnerability in the Oracle Advanced Outbound Telephony 
product of Ora ...)
        NOT-FOR-US: Oracle
 CVE-2025-20617 (Improper neutralization of special elements used in an OS 
command ('OS ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be07e8d44ec9104660fc99c1c47d81a51f676577

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be07e8d44ec9104660fc99c1c47d81a51f676577
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] initial batch of mysql issues

Reply via email to