openjdk-11

buster triage

2 files changed, 12 insertions, 8 deletions

diff --git a/data/CVE/list b/data/CVE/list
index 046a999a65..100f152761 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -4218,10 +4218,12 @@ CVE-2020-25649
 	RESERVED
 	{DLA-2406-1}
 	- jackson-databind 2.11.1-1
+	[buster] - jackson-databind <no-dsa> (Minor issue)
 	NOTE: https://github.com/FasterXML/jackson-databind/issues/2589
 	NOTE: https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59 (jackson-databind-2.11.0.rc1)
 CVE-2020-25648 (A flaw was found in the way NSS handled CCS (ChangeCipherSpec) message ...)
 	- nss 2:3.58-1
+	[buster] - nss <no-dsa> (Minor issue)
 	NOTE: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1641480 (private)
 	NOTE: Fixed by: https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361
@@ -27151,7 +27153,7 @@ CVE-2020-14805 (Vulnerability in the Oracle E-Business Suite Secure Enterprise S
 CVE-2020-14804 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 CVE-2020-14803 (Vulnerability in the Java SE product of Oracle Java SE (component: Lib ...)
-	- openjdk-15 <unfixed>
+	- openjdk-15 15.0.1+9-1
 	- openjdk-11 11.0.9+11-1
 CVE-2020-14802 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
 	NOT-FOR-US: Oracle
@@ -27162,15 +27164,15 @@ CVE-2020-14800 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
 CVE-2020-14799 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 CVE-2020-14798 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
-	- openjdk-15 <unfixed>
+	- openjdk-15 15.0.1+9-1
 	- openjdk-11 11.0.9+11-1
 	- openjdk-8 <unfixed>
 CVE-2020-14797 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
-	- openjdk-15 <unfixed>
+	- openjdk-15 15.0.1+9-1
 	- openjdk-11 11.0.9+11-1
 	- openjdk-8 <unfixed>
 CVE-2020-14796 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
-	- openjdk-15 <unfixed>
+	- openjdk-15 15.0.1+9-1
 	- openjdk-11 11.0.9+11-1
 	- openjdk-8 <unfixed>
 CVE-2020-14795 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
@@ -27181,7 +27183,7 @@ CVE-2020-14793 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
 	- mysql-5.7 <unfixed>
 	- mysql-8.0 <unfixed>
 CVE-2020-14792 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
-	- openjdk-15 <unfixed>
+	- openjdk-15 15.0.1+9-1
 	- openjdk-11 11.0.9+11-1
 	- openjdk-8 <unfixed>
 CVE-2020-14791 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
@@ -27205,17 +27207,17 @@ CVE-2020-14784 (Vulnerability in the Oracle BI Publisher product of Oracle Fusio
 CVE-2020-14783 (Vulnerability in the Oracle Hospitality RES 3700 product of Oracle Foo ...)
 	NOT-FOR-US: Oracle
 CVE-2020-14782 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
-	- openjdk-15 <unfixed>
+	- openjdk-15 15.0.1+9-1
 	- openjdk-11 11.0.9+11-1
 	- openjdk-8 <unfixed>
 CVE-2020-14781 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
-	- openjdk-15 <unfixed>
+	- openjdk-15 15.0.1+9-1
 	- openjdk-11 11.0.9+11-1
 	- openjdk-8 <unfixed>
 CVE-2020-14780 (Vulnerability in the BI Publisher product of Oracle Fusion Middleware  ...)
 	NOT-FOR-US: Oracle
 CVE-2020-14779 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
-	- openjdk-15 <unfixed>
+	- openjdk-15 15.0.1+9-1
 	- openjdk-11 11.0.9+11-1
 	- openjdk-8 <unfixed>
 CVE-2020-14778 (Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core pro ...)
diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt
index b89c9d88de..34798c6fe2 100644
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -29,6 +29,8 @@ openjdk-11 (jmm)
 --
 pdns-recursor
 --
+thunderbird (jmm)
+--
 xcftools
   Hugo proposed to work on this update
 --