[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule

Moritz Muehlenhoff (@jmm) Wed, 21 Jan 2026 02:41:05 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
33837e14 by Moritz Muehlenhoff at 2026-01-21T11:40:06+01:00
auto-nfu: Extend Oracle rule

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -74,7 +74,7 @@ CVE-2026-21964 (Vulnerability in the MySQL Server product of 
Oracle MySQL (compo
 CVE-2026-21963 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
        - virtualbox <unfixed>
 CVE-2026-21962 (Vulnerability in the Oracle HTTP Server, Oracle Weblogic 
Server Proxy  ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21961 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources 
product ...)
        NOT-FOR-US: Oracle
 CVE-2026-21960 (Vulnerability in the Oracle Applications DBA product of Oracle 
E-Busin ...)
@@ -116,7 +116,7 @@ CVE-2026-21942 (Vulnerability in the Oracle Solaris product 
of Oracle Systems (c
 CVE-2026-21941 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 <unfixed>
 CVE-2026-21940 (Vulnerability in the Oracle Agile PLM product of Oracle Supply 
Chain ( ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21939 (Vulnerability in the SQLcl component of Oracle Database 
Server.  Suppo ...)
        NOT-FOR-US: Oracle
 CVE-2026-21938 (Vulnerability in the PeopleSoft Enterprise PeopleTools product 
of Orac ...)
@@ -142,7 +142,7 @@ CVE-2026-21932 (Vulnerability in the Oracle Java SE, Oracle 
GraalVM for JDK, Ora
        - openjdk-21 <unfixed>
        - openjdk-25 <unfixed>
 CVE-2026-21931 (Vulnerability in the Oracle APEX Sample Applications product 
of Oracle ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21930 (Vulnerability in the Oracle ZFS Storage Appliance Kit product 
of Oracl ...)
        NOT-FOR-US: Oracle
 CVE-2026-21929 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
@@ -152,7 +152,7 @@ CVE-2026-21928 (Vulnerability in the Oracle Solaris product 
of Oracle Systems (c
 CVE-2026-21927 (Vulnerability in the Oracle Solaris product of Oracle Systems 
(compone ...)
        NOT-FOR-US: Oracle
 CVE-2026-21926 (Vulnerability in the Siebel CRM Deployment product of Oracle 
Siebel CR ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21925 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, 
Oracle Gr ...)
        - openjdk-8 <unfixed>
        - openjdk-11 <unfixed>
@@ -160,7 +160,7 @@ CVE-2026-21925 (Vulnerability in the Oracle Java SE, Oracle 
GraalVM for JDK, Ora
        - openjdk-21 <unfixed>
        - openjdk-25 <unfixed>
 CVE-2026-21924 (Vulnerability in the Oracle Utilities Application Framework 
product of ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-21923 (Vulnerability in the Oracle Life Sciences Central Designer 
product of  ...)
        NOT-FOR-US: Oracle
 CVE-2026-21922 (Vulnerability in the Oracle Planning and Budgeting Cloud 
Service produ ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -494,6 +494,7 @@
       - product: Identity Manager
       - product: JD Edwards EnterpriseOne Tools
       - product: MySQL Cluster
+      - product: Oracle Agile PLM
       - product: Oracle Agile Product Lifecycle Management for Process
       - product: Oracle Application Express
       - product: Oracle Application Object Library
@@ -538,6 +539,7 @@
       - product: Oracle Teleservice
       - product: Oracle Universal Work Queue
       - product: Oracle User Management
+      - product: Oracle Utilities Application Framework
       - product: Oracle WebLogic Server
       - product: Oracle Workflow
       - product: Oracle Zero Data Loss Recovery Appliance Software
@@ -555,6 +557,7 @@
       - product: PeopleSoft Enterprise SCM Purchasing
       - product: Primavera P6 Enterprise Project Portfolio Management
       - product: Siebel CRM End User
+      - product: Siebel CRM Deployment
 - reason: SUSE
   allOf:
     - cna: suse



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33837e14ed57c7efb66274c032f8339c095444c5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33837e14ed57c7efb66274c032f8339c095444c5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule

Reply via email to