[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule

Moritz Muehlenhoff (@jmm) Wed, 21 Jan 2026 02:12:42 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
0a6662cc by Moritz Muehlenhoff at 2026-01-21T11:12:03+01:00
auto-nfu: Extend Oracle rule

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -56,17 +56,17 @@ CVE-2026-21973 (Vulnerability in the Oracle FLEXCUBE 
Investor Servicing product
 CVE-2026-21972 (Vulnerability in the Oracle Configurator product of Oracle 
E-Business  ...)
        NOT-FOR-US: Oracle
 CVE-2026-21971 (Vulnerability in the PeopleSoft Enterprise SCM Purchasing 
product of O ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21970 (Vulnerability in the Oracle Life Sciences Central Designer 
product of  ...)
        NOT-FOR-US: Oracle
 CVE-2026-21969 (Vulnerability in the Oracle Agile Product Lifecycle Management 
for Pro ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21968 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        TODO: check
 CVE-2026-21967 (Vulnerability in the Oracle Hospitality OPERA 5 product of 
Oracle Hosp ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21966 (Vulnerability in the Oracle Hospitality OPERA 5 Property 
Services prod ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21965 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        TODO: check
 CVE-2026-21964 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
@@ -76,9 +76,9 @@ CVE-2026-21963 (Vulnerability in the Oracle VM VirtualBox 
product of Oracle Virt
 CVE-2026-21962 (Vulnerability in the Oracle HTTP Server, Oracle Weblogic 
Server Proxy  ...)
        TODO: check
 CVE-2026-21961 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources 
product ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21960 (Vulnerability in the Oracle Applications DBA product of Oracle 
E-Busin ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21959 (Vulnerability in the Oracle Workflow product of Oracle 
E-Business Suit ...)
        NOT-FOR-US: Oracle
 CVE-2026-21957 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
@@ -108,7 +108,7 @@ CVE-2026-21945 (Vulnerability in the Oracle Java SE, Oracle 
GraalVM for JDK, Ora
        - openjdk-21 <unfixed>
        - openjdk-25 <unfixed>
 CVE-2026-21944 (Vulnerability in the Oracle Agile Product Lifecycle Management 
for Pro ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21943 (Vulnerability in the Oracle Scripting product of Oracle 
E-Business Sui ...)
        NOT-FOR-US: Oracle
 CVE-2026-21942 (Vulnerability in the Oracle Solaris product of Oracle Systems 
(compone ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -494,8 +494,10 @@
       - product: Identity Manager
       - product: JD Edwards EnterpriseOne Tools
       - product: MySQL Cluster
+      - product: Oracle Agile Product Lifecycle Management for Process
       - product: Oracle Application Express
       - product: Oracle Application Object Library
+      - product: Oracle Applications DBA
       - product: Oracle Applications Framework
       - product: Oracle Applications Manager
       - product: Oracle Applications Technology Stack
@@ -514,6 +516,8 @@
       - product: Oracle Financial Services Analytical Applications 
Infrastructure
       - product: Oracle Financial Services Revenue Management and Billing
       - product: Oracle Health Sciences Data Management Workbench
+      - product: Oracle Hospitality OPERA 5
+      - product: Oracle Hospitality OPERA 5 Property Services
       - product: Oracle Hospitality Simphony
       - product: Oracle Hyperion Financial Reporting
       - product: Oracle Lease and Finance Management
@@ -544,9 +548,11 @@
       - product: PeopleSoft Enterprise FIN IT Asset Management
       - product: PeopleSoft Enterprise FIN Maintenance Management
       - product: PeopleSoft Enterprise FIN Payables
+      - product: PeopleSoft Enterprise HCM Human Resources
       - product: PeopleSoft Enterprise HCM Global Payroll Core
       - product: PeopleSoft Enterprise HCM Talent Acquisition Manager
       - product: PeopleSoft Enterprise PeopleTools
+      - product: PeopleSoft Enterprise SCM Purchasing
       - product: Primavera P6 Enterprise Project Portfolio Management
       - product: Siebel CRM End User
 - reason: SUSE



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a6662cc992516a80d6380e82aff472561ccd192

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a6662cc992516a80d6380e82aff472561ccd192
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule

Reply via email to