Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits: ed903dd2 by Emilio Pozuelo Monfort at 2022-10-24T10:17:26+02:00 lts: triage openjdk-11 issues as postponed We follow upstream releases for OpenJDK, and thus follow stable. - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -10348,6 +10348,7 @@ CVE-2022-39400 (Vulnerability in the MySQL Server product of Oracle MySQL (compo CVE-2022-39399 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-11 11.0.17+8-1 [bullseye] - openjdk-11 <postponed> (Minor issue, fix along with next CPU) + [buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU) - openjdk-17 17.0.5+8-1 [bullseye] - openjdk-17 <postponed> (Minor issue, fix along with next CPU) CVE-2022-39398 @@ -69154,6 +69155,7 @@ CVE-2022-21628 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E - openjdk-8 8u352-ga-1 - openjdk-11 11.0.17+8-1 [bullseye] - openjdk-11 <postponed> (Minor issue, fix along with next CPU) + [buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU) - openjdk-17 17.0.5+8-1 [bullseye] - openjdk-17 <postponed> (Minor issue, fix along with next CPU) CVE-2022-21627 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) @@ -69163,12 +69165,14 @@ CVE-2022-21626 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E - openjdk-8 8u352-ga-1 - openjdk-11 11.0.17+8-1 [bullseye] - openjdk-11 <postponed> (Minor issue, fix along with next CPU) + [buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU) CVE-2022-21625 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 <unfixed> CVE-2022-21624 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-8 8u352-ga-1 - openjdk-11 11.0.17+8-1 [bullseye] - openjdk-11 <postponed> (Minor issue, fix along with next CPU) + [buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU) - openjdk-17 17.0.5+8-1 [bullseye] - openjdk-17 <postponed> (Minor issue, fix along with next CPU) CVE-2022-21623 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...) @@ -69185,6 +69189,7 @@ CVE-2022-21619 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E - openjdk-8 8u352-ga-1 - openjdk-11 11.0.17+8-1 [bullseye] - openjdk-11 <postponed> (Minor issue, fix along with next CPU) + [buster] - openjdk-11 <postponed> (Minor issue, fix along with next CPU) - openjdk-17 <unfixed> [bullseye] - openjdk-17 <postponed> (Minor issue, fix along with next CPU) CVE-2022-21618 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) ===================================== data/dla-needed.txt ===================================== @@ -122,8 +122,6 @@ openexr NOTE: 20220904: Programming language: C++. NOTE: 20220904: Should be synced with Stretch. (apo) -- -openjdk-11 (Emilio) --- openvswitch (Thorsten Alteholz) NOTE: 20220911: No known patch for this problem. -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed903dd2a86c9d06d01331e693638f93db6072fb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed903dd2a86c9d06d01331e693638f93db6072fb You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits