[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule

Moritz Muehlenhoff (@jmm) Wed, 21 Jan 2026 01:19:28 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8356c40e by Moritz Muehlenhoff at 2026-01-21T10:18:50+01:00
auto-nfu: Extend Oracle rule

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -38,27 +38,27 @@ CVE-2026-21982 (Vulnerability in the Oracle VM VirtualBox 
product of Oracle Virt
 CVE-2026-21981 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
        - virtualbox <unfixed>
 CVE-2026-21980 (Vulnerability in the Oracle Life Sciences Central Coding 
product of Or ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21979 (Vulnerability in the Oracle Planning and Budgeting Cloud 
Service produ ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21978 (Vulnerability in the Oracle FLEXCUBE Universal Banking product 
of Orac ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21977 (Vulnerability in the Oracle Zero Data Loss Recovery Appliance 
Software ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21976 (Vulnerability in the Oracle Business Intelligence Enterprise 
Edition p ...)
        NOT-FOR-US: Oracle
 CVE-2026-21975 (Vulnerability in the Java VM component of Oracle Database 
Server.  Sup ...)
        NOT-FOR-US: Oracle
 CVE-2026-21974 (Vulnerability in the Oracle Life Sciences Central Designer 
product of  ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21973 (Vulnerability in the Oracle FLEXCUBE Investor Servicing 
product of Ora ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21972 (Vulnerability in the Oracle Configurator product of Oracle 
E-Business  ...)
        NOT-FOR-US: Oracle
 CVE-2026-21971 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing 
product of O ...)
        TODO: check
 CVE-2026-21970 (Vulnerability in the Oracle Life Sciences Central Designer 
product of  ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21969 (Vulnerability in the Oracle Agile Product Lifecycle Management 
for Pro ...)
        TODO: check
 CVE-2026-21968 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
@@ -146,9 +146,9 @@ CVE-2026-21925 (Vulnerability in the Oracle Java SE, Oracle 
GraalVM for JDK, Ora
 CVE-2026-21924 (Vulnerability in the Oracle Utilities Application Framework 
product of ...)
        TODO: check
 CVE-2026-21923 (Vulnerability in the Oracle Life Sciences Central Designer 
product of  ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21922 (Vulnerability in the Oracle Planning and Budgeting Cloud 
Service produ ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21664 (HackerOne community member Huynh Pham Thanh Luc (nigh7c0r3) 
has report ...)
        TODO: check
 CVE-2026-21663 (HackerOne community member Patrick Lang (7yr) has reported a 
reflected ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -509,6 +509,8 @@
       - product: Oracle Configurator
       - product: Oracle Database Server
       - product: Oracle Essbase
+      - product: Oracle FLEXCUBE Investor Servicing
+      - product: Oracle FLEXCUBE Universal Banking
       - product: Oracle Financial Services Analytical Applications 
Infrastructure
       - product: Oracle Financial Services Revenue Management and Billing
       - product: Oracle Health Sciences Data Management Workbench
@@ -516,10 +518,13 @@
       - product: Oracle Hyperion Financial Reporting
       - product: Oracle Lease and Finance Management
       - product: Oracle Life Sciences InForm
+      - product: Oracle Life Sciences Central Coding
+      - product: Oracle Life Sciences Central Designer
       - product: Oracle Marketing
       - product: Oracle MES for Process Manufacturing
       - product: Oracle Marketing
       - product: Oracle Mobile Field Service
+      - product: Oracle Planning and Budgeting Cloud Service
       - product: Oracle Product Hub
       - product: Oracle REST Data Services
       - product: Oracle Scripting
@@ -531,6 +536,7 @@
       - product: Oracle User Management
       - product: Oracle WebLogic Server
       - product: Oracle Workflow
+      - product: Oracle Zero Data Loss Recovery Appliance Software
       - product: Oracle ZFS Storage Appliance Kit
       - product: Oracle iStore
       - product: Oracle iSupplier Portal



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8356c40e0dee29d334c28e7b82616ebc163fe150

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8356c40e0dee29d334c28e7b82616ebc163fe150
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule

Reply via email to