[Secure-testing-commits] r31567 - data/CVE

Tue, 20 Jan 2015 22:44:54 -0800 

Author: jmm
Date: 2015-01-21 06:44:36 +0000 (Wed, 21 Jan 2015)
New Revision: 31567

Modified:
   data/CVE/list
Log:
new openjdk issues
new icu issues


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-01-21 05:57:58 UTC (rev 31566)
+++ data/CVE/list       2015-01-21 06:44:36 UTC (rev 31567)
@@ -2536,6 +2536,7 @@
        RESERVED
 CVE-2015-0437
        RESERVED
+       - openjdk-8 <unfixed>
 CVE-2015-0436
        RESERVED
 CVE-2015-0435
@@ -2573,6 +2574,7 @@
        RESERVED
 CVE-2015-0421
        RESERVED
+       - openjdk-8 <unfixed>
 CVE-2015-0420
        RESERVED
 CVE-2015-0419
@@ -2589,8 +2591,14 @@
        RESERVED
 CVE-2015-0413
        RESERVED
+       - openjdk-7 <undetermined>
+       - openjdk-8 <undetermined>
+       NOTE: Likely specific to Oracle Java, wait a bit until more details 
come up
 CVE-2015-0412
        RESERVED
+       - openjdk-6 <unfixed>
+       - openjdk-7 <unfixed>
+       - openjdk-8 <unfixed>
 CVE-2015-0411
        RESERVED
        - mysql-5.5 <unfixed> (bug #775881)
@@ -2600,6 +2608,9 @@
        NOTE: 
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
 CVE-2015-0410
        RESERVED
+       - openjdk-6 <unfixed>
+       - openjdk-7 <unfixed>
+       - openjdk-8 <unfixed>
 CVE-2015-0409
        RESERVED
        - mysql-5.5 <not-affected> (Only MySQL 5.6)
@@ -2609,22 +2620,37 @@
        NOTE: 
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixMSQL
 CVE-2015-0408
        RESERVED
+       - openjdk-6 <unfixed>
+       - openjdk-7 <unfixed>
+       - openjdk-8 <unfixed>
 CVE-2015-0407
        RESERVED
+       - openjdk-6 <unfixed>
+       - openjdk-7 <unfixed>
+       - openjdk-8 <unfixed>
 CVE-2015-0406
        RESERVED
+       - openjdk-6 <not-affected> (Deployment components not part of OpenJDK, 
only present in Oracle Java)
+       - openjdk-7 <not-affected> (Deployment components not part of OpenJDK, 
only present in Oracle Java)
+       - openjdk-8 <not-affected> (Deployment components not part of OpenJDK, 
only present in Oracle Java)
 CVE-2015-0405
        RESERVED
 CVE-2015-0404
        RESERVED
 CVE-2015-0403
        RESERVED
+       - openjdk-6 <not-affected> (Deployment components not part of OpenJDK, 
only present in Oracle Java)
+       - openjdk-7 <not-affected> (Deployment components not part of OpenJDK, 
only present in Oracle Java)
+       - openjdk-8 <not-affected> (Deployment components not part of OpenJDK, 
only present in Oracle Java)
 CVE-2015-0402
        RESERVED
 CVE-2015-0401
        RESERVED
 CVE-2015-0400
        RESERVED
+       - openjdk-6 <not-affected> (This only affects Java on Windows)
+       - openjdk-7 <not-affected> (This only affects Java on Windows)
+       - openjdk-8 <not-affected> (This only affects Java on Windows)
 CVE-2015-0399
        RESERVED
 CVE-2015-0398
@@ -2635,6 +2661,9 @@
        RESERVED
 CVE-2015-0395
        RESERVED
+       - openjdk-6 <unfixed>
+       - openjdk-7 <unfixed>
+       - openjdk-8 <unfixed>
 CVE-2015-0394
        RESERVED
 CVE-2015-0393
@@ -2670,6 +2699,9 @@
        RESERVED
 CVE-2015-0383
        RESERVED
+       - openjdk-6 <unfixed>
+       - openjdk-7 <unfixed>
+       - openjdk-8 <unfixed>
 CVE-2015-0382
        RESERVED
        - mysql-5.5 <unfixed> (bug #775881)
@@ -10391,6 +10423,9 @@
        NOT-FOR-US: M/Monit
 CVE-2014-6601
        RESERVED
+       - openjdk-6 <unfixed>
+       - openjdk-7 <unfixed>
+       - openjdk-8 <unfixed>
 CVE-2014-6600
        RESERVED
 CVE-2014-6599
@@ -10407,10 +10442,17 @@
        RESERVED
 CVE-2014-6593
        RESERVED
+       - openjdk-6 <unfixed>
+       - openjdk-7 <unfixed>
+       - openjdk-8 <unfixed>
 CVE-2014-6592
        RESERVED
 CVE-2014-6591
        RESERVED
+       - openjdk-6 <unfixed>
+       - openjdk-7 <unfixed>
+       - openjdk-8 <unfixed>
+       - icu
 CVE-2014-6590
        RESERVED
 CVE-2014-6589
@@ -10419,10 +10461,17 @@
        RESERVED
 CVE-2014-6587
        RESERVED
+       - openjdk-6 <unfixed>
+       - openjdk-7 <unfixed>
+       - openjdk-8 <unfixed>
 CVE-2014-6586
        RESERVED
 CVE-2014-6585
        RESERVED
+       - openjdk-6 <unfixed>
+       - openjdk-7 <unfixed>
+       - openjdk-8 <unfixed>
+       - icu <unfixed>
 CVE-2014-6584
        RESERVED
 CVE-2014-6583
@@ -10517,6 +10566,7 @@
        NOT-FOR-US: Oracle
 CVE-2014-6549
        RESERVED
+       - openjdk-8 <unfixed>
 CVE-2014-6548
        RESERVED
 CVE-2014-6547 (Unspecified vulnerability in the JPublisher component in Oracle 
...)
@@ -17898,11 +17948,7 @@
        [squeeze] - nss <no-dsa> (Upstream doesn't plan to disable SSLv3, stick 
with that)
        [wheezy] - nss <no-dsa> (Upstream doesn't plan to disable SSLv3, stick 
with that)
        - openjdk-6 <unfixed>
-       [squeeze] - openjdk-6 <no-dsa> (Upstream doesn't plan to disable SSLv3, 
stick with that)
-       [wheezy] - openjdk-6 <no-dsa> (Upstream doesn't plan to disable SSLv3, 
stick with that)
        - openjdk-7 <unfixed>
-       [wheezy] - openjdk-7 <no-dsa> (Upstream doesn't plan to disable SSLv3, 
stick with that)
-       [jessie] - openjdk-7 <no-dsa> (Upstream doesn't plan to disable SSLv3, 
stick with that)
        - openjdk-8 <unfixed>
        - polarssl 1.3.9-2
        [wheezy] - polarssl <no-dsa> (Minor issue)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to