Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2359579d by Moritz Muehlenhoff at 2026-06-17T11:54:17+02:00
auto-nfu: Extend Oracle rule

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -59,15 +59,15 @@ CVE-2026-46976 (Vulnerability in the Oracle Public Sector 
Payroll product of Ora
 CVE-2026-46974 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
        - virtualbox <unfixed>
 CVE-2026-46973 (Vulnerability in the Oracle Outsourced Mfg for Discrete 
Industries pro ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-46972 (Vulnerability in the Oracle Outsourced Mfg for Discrete 
Industries pro ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-46971 (Vulnerability in the Oracle HR Intelligence product of Oracle 
E-Busine ...)
        NOT-FOR-US: Oracle
 CVE-2026-46970 (Vulnerability in the Oracle HR Intelligence product of Oracle 
E-Busine ...)
        NOT-FOR-US: Oracle
 CVE-2026-46969 (Vulnerability in the Oracle Financials for EMEA product of 
Oracle E-Bu ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-46967 (Vulnerability in the Oracle Public Sector Financials 
(International) p ...)
        NOT-FOR-US: Oracle
 CVE-2026-46966 (Vulnerability in the Oracle Universal Work Queue product of 
Oracle E-B ...)
@@ -95,7 +95,7 @@ CVE-2026-46956 (Vulnerability in the Oracle Property Manager 
product of Oracle E
 CVE-2026-46955 (Vulnerability in the Oracle Human Resources product of Oracle 
E-Busine ...)
        NOT-FOR-US: Oracle
 CVE-2026-46953 (Vulnerability in the Oracle HRMS (UK) product of Oracle 
E-Business Sui ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-46952 (Vulnerability in the Oracle Quality product of Oracle 
E-Business Suite ...)
        NOT-FOR-US: Oracle
 CVE-2026-46951 (Vulnerability in the Oracle Quality product of Oracle 
E-Business Suite ...)
@@ -133,13 +133,13 @@ CVE-2026-46932 (Vulnerability in the Oracle Enterprise 
Asset Management product
 CVE-2026-46931 (Vulnerability in the Oracle Enterprise Asset Management 
product of Ora ...)
        NOT-FOR-US: Oracle
 CVE-2026-46930 (Vulnerability in the Oracle In-Memory Cost Management for 
Discrete Ind ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-46929 (Vulnerability in the Oracle Cost Management product of Oracle 
E-Busine ...)
        NOT-FOR-US: Oracle
 CVE-2026-46928 (Vulnerability in the Oracle Spares Management product of 
Oracle E-Busi ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-46927 (Vulnerability in the Oracle Receivables product of Oracle 
E-Business S ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-46926 (Vulnerability in the Siebel CRM Cloud Applications product of 
Oracle S ...)
        NOT-FOR-US: Oracle
 CVE-2026-46925 (Vulnerability in the Siebel CRM Cloud Applications product of 
Oracle S ...)
@@ -367,15 +367,15 @@ CVE-2026-46786 (Vulnerability in the Oracle WebCenter 
Content product of Oracle
 CVE-2026-46785 (Vulnerability in the Oracle WebCenter Content product of 
Oracle Fusion ...)
        NOT-FOR-US: Oracle
 CVE-2026-46784 (Vulnerability in the WebCenter Content: Imaging product of 
Oracle Fusi ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-46783 (Vulnerability in the WebCenter Content: Imaging product of 
Oracle Fusi ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-46782 (Vulnerability in the Oracle WebCenter Enterprise Capture 
product of Or ...)
        NOT-FOR-US: Oracle
 CVE-2026-46781 (Vulnerability in the Oracle WebCenter Enterprise Capture 
product of Or ...)
        NOT-FOR-US: Oracle
 CVE-2026-46780 (Vulnerability in the WebCenter Content: Imaging product of 
Oracle Fusi ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-46779 (Vulnerability in the Oracle WebCenter Enterprise Capture 
product of Or ...)
        NOT-FOR-US: Oracle
 CVE-2026-46778 (Vulnerability in the Oracle WebCenter Enterprise Capture 
product of Or ...)
@@ -383,11 +383,11 @@ CVE-2026-46778 (Vulnerability in the Oracle WebCenter 
Enterprise Capture product
 CVE-2026-46777 (Vulnerability in the Oracle WebCenter Content product of 
Oracle Fusion ...)
        NOT-FOR-US: Oracle
 CVE-2026-46776 (Vulnerability in the Oracle Unified Directory product of 
Oracle Fusion ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-46774 (Vulnerability in the Oracle Unified Directory product of 
Oracle Fusion ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-46773 (Vulnerability in the Oracle Unified Directory product of 
Oracle Fusion ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-46772 (Vulnerability in the Oracle Application Development Framework 
(ADF) pr ...)
        NOT-FOR-US: Oracle
 CVE-2026-46771 (Vulnerability in the Oracle Application Development Framework 
(ADF) pr ...)
@@ -491,35 +491,35 @@ CVE-2026-35314 (Vulnerability in the Oracle Access 
Manager product of Oracle Fus
 CVE-2026-35313 (Vulnerability in the Oracle Access Manager product of Oracle 
Fusion Mi ...)
        NOT-FOR-US: Oracle
 CVE-2026-35312 (Vulnerability in the Oracle Virtual Directory product of 
Oracle Fusion ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35311 (Vulnerability in the WebLogic Server product of Oracle Fusion 
Middlewa ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35310 (Vulnerability in the Oracle Coherence product of Oracle Fusion 
Middlew ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35309 (Vulnerability in the Oracle Coherence product of Oracle Fusion 
Middlew ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35308 (Vulnerability in the Oracle Coherence product of Oracle Fusion 
Middlew ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35307 (Vulnerability in the Oracle Coherence product of Oracle Fusion 
Middlew ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35306 (Vulnerability in the Oracle Coherence product of Oracle Fusion 
Middlew ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35305 (Vulnerability in the Oracle Coherence product of Oracle Fusion 
Middlew ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35304 (Vulnerability in the Oracle Coherence product of Oracle Fusion 
Middlew ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35303 (Vulnerability in the WebLogic Server product of Oracle Fusion 
Middlewa ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35302 (Vulnerability in the WebLogic Server product of Oracle Fusion 
Middlewa ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35301 (Vulnerability in the WebLogic Server product of Oracle Fusion 
Middlewa ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35300 (Vulnerability in the WebLogic Server product of Oracle Fusion 
Middlewa ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35299 (Vulnerability in the WebLogic Server product of Oracle Fusion 
Middlewa ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35298 (Vulnerability in the WebLogic Server product of Oracle Fusion 
Middlewa ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35296 (Vulnerability in the Oracle WebCenter Sites product of Oracle 
Fusion M ...)
        NOT-FOR-US: Oracle
 CVE-2026-35295 (Vulnerability in the Oracle WebCenter Sites product of Oracle 
Fusion M ...)
@@ -529,13 +529,13 @@ CVE-2026-35294 (Vulnerability in the Identity Manager 
Connector product of Oracl
 CVE-2026-35293 (Vulnerability in the Oracle WebCenter Sites product of Oracle 
Fusion M ...)
        NOT-FOR-US: Oracle
 CVE-2026-35292 (Vulnerability in the WebLogic Server product of Oracle Fusion 
Middlewa ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35291 (Vulnerability in the WebLogic Server product of Oracle Fusion 
Middlewa ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35289 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools 
product of O ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35288 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools 
product of O ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35286 (Vulnerability in the Oracle WebCenter Content product of 
Oracle Fusion ...)
        NOT-FOR-US: Oracle
 CVE-2026-35285 (Vulnerability in the Oracle WebCenter Enterprise Capture 
product of Or ...)
@@ -551,19 +551,19 @@ CVE-2026-35281 (Vulnerability in the Oracle WebCenter 
Enterprise Capture product
 CVE-2026-35280 (Vulnerability in the Oracle WebCenter Enterprise Capture 
product of Or ...)
        NOT-FOR-US: Oracle
 CVE-2026-35279 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools 
product of O ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35278 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools 
product of O ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35276 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools 
product of O ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35275 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
        - virtualbox <unfixed>
 CVE-2026-35274 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools 
product of O ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35272 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools 
product of O ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35271 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools 
product of O ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35270 (Vulnerability in the Oracle WebCenter Content product of 
Oracle Fusion ...)
        NOT-FOR-US: Oracle
 CVE-2026-35269 (Vulnerability in the Identity Manager product of Oracle Fusion 
Middlew ...)
@@ -575,15 +575,15 @@ CVE-2026-35267 (Vulnerability in the Identity Manager 
product of Oracle Fusion M
 CVE-2026-35265 (Vulnerability in the Identity Manager product of Oracle Fusion 
Middlew ...)
        NOT-FOR-US: Oracle
 CVE-2026-35263 (Vulnerability in the WebLogic Server product of Oracle Fusion 
Middlewa ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35262 (Vulnerability in the Oracle Data Integrator product of Oracle 
Fusion M ...)
        TODO: check
 CVE-2026-35261 (Vulnerability in the Oracle Access Manager product of Oracle 
Fusion Mi ...)
        NOT-FOR-US: Oracle
 CVE-2026-35259 (Vulnerability in the WebLogic Server product of Oracle Fusion 
Middlewa ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-35258 (Vulnerability in the WebLogic Server product of Oracle Fusion 
Middlewa ...)
-       TODO: check
+       NOT-FOR-US: Oracle
 CVE-2026-34895 (Unauthenticated Local File Inclusion in Softlab Core < 1.2.11 
versions ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-34894 (Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 
versions ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -606,6 +606,7 @@
       - product: Oracle Business Intelligence Enterprise Edition
       - product: Oracle Business Process Management Suite
       - product: Oracle CRM Technical Foundation
+      - product: Oracle Coherence
       - product: Oracle Commerce Platform
       - product: Oracle Common Applications
       - product: Oracle Communications Order and Service Management
@@ -614,6 +615,7 @@
       - product: Oracle Configure to Order
       - product: Oracle Configurator
       - product: Oracle Cost Management
+      - product: Oracle Data Integrator
       - product: Oracle Database Server
       - product: Oracle Enterprise Asset Management
       - product: Oracle Enterprise Command Center Framework
@@ -625,10 +627,12 @@
       - product: Oracle Financial Services Customer Screening
       - product: Oracle Financial Services Revenue Management and Billing
       - product: Oracle Financial Services Transaction Filtering
+      - product: Oracle Financials for EMEA
       - product: Oracle Fusion Middleware
       - product: Oracle GoldenGate
       - product: Oracle HCM Common Architecture
       - product: Oracle Health Sciences Data Management Workbench
+      - product: Oracle HRMS (UK)
       - product: Oracle Hospitality OPERA 5
       - product: Oracle Hospitality OPERA 5 Property Services
       - product: Oracle Hospitality Simphony
@@ -639,6 +643,7 @@
       - product: Oracle Hyperion Infrastructure Technology
       - product: Oracle Identity Manager
       - product: Oracle Identity Manager Connector
+      - prodict: Oracle In-Memory Cost Management for Discrete Industries
       - product: Oracle iSetup
       - product: Oracle iSupport
       - product: Oracle Lease and Finance Management
@@ -650,6 +655,7 @@
       - product: Oracle MES for Process Manufacturing
       - product: Oracle Marketing
       - product: Oracle Mobile Field Service
+      - product: Oracle Outsourced Mfg for Discrete Industries
       - product: Oracle Planning and Budgeting Cloud Service
       - product: Oracle Process Manufacturing Product Development
       - product: Oracle Process Manufacturing Process Planning
@@ -659,17 +665,21 @@
       - product: Oracle Public Sector Financials (International)
       - product: Oracle Public Sector Payroll
       - product: Oracle Quality
+      - product: Oracle Receivables
       - product: Oracle REST Data Services
       - product: Oracle Scripting
       - product: Oracle Secure Backup
       - product: Oracle Security Service
       - product: Oracle Smart View for Office
       - product: Oracle Solaris
+      - product: Oracle Spares Management
       - product: Oracle Subledger Accounting
       - product: Oracle Teleservice
+      - product: Oracle Unified Directory
       - product: Oracle Universal Work Queue
       - product: Oracle User Management
       - product: Oracle Utilities Application Framework
+      - product: Oracle Virtual Directory
       - product: Oracle WebCenter Content
       - product: Oracle WebCenter Enterprise Capture
       - product: Oracle WebCenter Portal
@@ -695,6 +705,7 @@
       - product: PeopleSoft Enterprise HCM Shared Components
       - product: PeopleSoft Enterprise HCM Talent Acquisition Manager
       - product: PeopleSoft Enterprise PeopleTools
+      - product: PeopleSoft Enterprise PT PeopleTools
       - product: PeopleSoft Enterprise SCM Purchasing
       - product: Primavera P6 Enterprise Project Portfolio Management
       - product: Siebel Apps - Marketing
@@ -702,6 +713,7 @@
       - product: Siebel CRM End User
       - product: Siebel CRM Deployment
       - product: Siebel CRM Integration
+      - product: WebLogic Server
 - reason: SUSE
   allOf:
     - cna: suse



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2359579d695682ef27680d1b95780a5d4ad3a09f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2359579d695682ef27680d1b95780a5d4ad3a09f
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to