automatic update

author: security tracker role <sectracker@soriano.debian.org> 2022-01-25 20:10:20 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2022-01-25 20:10:20 +0000
commit: a8927b69c8e3b709c2e6e9d2c5fc22fd3eabe0c4 (patch)
tree: 17dfd0afdc465cebe7a3c8f278863c8ce7e23511
parent: 79b0d48fec5d366c5a82085f4b0d96f171ff2c32 (diff)
2 files changed, 140 insertions, 90 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 52eae311a3..73105e6f4a 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -1,3 +1,9 @@
+CVE-2021-4215
+	RESERVED
+CVE-2021-4214
+	RESERVED
+CVE-2021-4213
+	RESERVED
 CVE-2021-4212
 	RESERVED
 CVE-2021-4211
@@ -1020,8 +1026,8 @@ CVE-2021-46115
 	RESERVED
 CVE-2021-46114
 	RESERVED
-CVE-2021-46113
-	RESERVED
+CVE-2021-46113 (In MartDevelopers KEA-Hotel-ERP open source as of 12-31-2021, a remote ...)
+	TODO: check
 CVE-2021-46112
 	RESERVED
 CVE-2021-46111
@@ -1068,20 +1074,20 @@ CVE-2021-46091
 	RESERVED
 CVE-2021-46090
 	RESERVED
-CVE-2021-46089
-	RESERVED
+CVE-2021-46089 (In JeecgBoot 3.0, there is a SQL injection vulnerability that can oper ...)
+	TODO: check
 CVE-2021-46088
 	RESERVED
-CVE-2021-46087
-	RESERVED
-CVE-2021-46086
-	RESERVED
-CVE-2021-46085
-	RESERVED
-CVE-2021-46084
-	RESERVED
-CVE-2021-46083
-	RESERVED
+CVE-2021-46087 (In jfinal_cms &gt;= 5.1 0, there is a storage XSS vulnerability in the ...)
+	TODO: check
+CVE-2021-46086 (xzs-mysql &gt;= t3.4.0 is vulnerable to Insecure Permissions. The fron ...)
+	TODO: check
+CVE-2021-46085 (OneBlog &lt;= 2.2.8 is vulnerable to Insecure Permissions. Low level a ...)
+	TODO: check
+CVE-2021-46084 (uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting (XSS) v ...)
+	TODO: check
+CVE-2021-46083 (uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting (XSS) v ...)
+	TODO: check
 CVE-2021-46082
 	RESERVED
 CVE-2021-46081
@@ -1220,10 +1226,10 @@ CVE-2021-46036
 	RESERVED
 CVE-2021-46035
 	RESERVED
-CVE-2021-46034
-	RESERVED
-CVE-2021-46033
-	RESERVED
+CVE-2021-46034 (A problem was found in ForestBlog, as of 2021-12-29, there is a XSS vu ...)
+	TODO: check
+CVE-2021-46033 (In ForestBlog, as of 2021-12-28, File upload can bypass verification. ...)
+	TODO: check
 CVE-2021-46032
 	RESERVED
 CVE-2021-46031
@@ -1803,14 +1809,14 @@ CVE-2021-45849
 	RESERVED
 CVE-2021-45848
 	RESERVED
-CVE-2021-45847
-	RESERVED
-CVE-2021-45846
-	RESERVED
-CVE-2021-45845
-	RESERVED
-CVE-2021-45844
-	RESERVED
+CVE-2021-45847 (Several missing input validations in the 3MF parser component of Slic3 ...)
+	TODO: check
+CVE-2021-45846 (A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an attacker  ...)
+	TODO: check
+CVE-2021-45845 (The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS comma ...)
+	TODO: check
+CVE-2021-45844 (Improper sanitization in the invocation of ODA File Converter from Fre ...)
+	TODO: check
 CVE-2021-45843 (glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting (X ...)
 	NOT-FOR-US: glFusion CMS
 CVE-2021-45842
@@ -1893,10 +1899,10 @@ CVE-2021-45805
 	RESERVED
 CVE-2021-45804
 	RESERVED
-CVE-2021-45803
-	RESERVED
-CVE-2021-45802
-	RESERVED
+CVE-2021-45803 (MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Inje ...)
+	TODO: check
+CVE-2021-45802 (MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Inje ...)
+	TODO: check
 CVE-2021-45801
 	RESERVED
 CVE-2021-45800
@@ -3022,14 +3028,14 @@ CVE-2021-45345
 	RESERVED
 CVE-2021-45344
 	RESERVED
-CVE-2021-45343
-	RESERVED
-CVE-2021-45342
-	RESERVED
-CVE-2021-45341
-	RESERVED
-CVE-2021-45340
-	RESERVED
+CVE-2021-45343 (In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of ...)
+	TODO: check
+CVE-2021-45342 (A buffer overflow vulnerability in CDataList of the jwwlib component o ...)
+	TODO: check
+CVE-2021-45341 (A buffer overflow vulnerability in CDataMoji of the jwwlib component o ...)
+	TODO: check
+CVE-2021-45340 (In Libsixel prior to and including v1.10.3, a NULL pointer dereference ...)
+	TODO: check
 CVE-2021-45339 (Privilege escalation vulnerability in Avast Antivirus prior to 20.4 al ...)
 	NOT-FOR-US: Avast Antivirus
 CVE-2021-45338 (Multiple privilege escalation vulnerabilities in Avast Antivirus prior ...)
@@ -3903,8 +3909,8 @@ CVE-2021-45031
 	RESERVED
 CVE-2021-45030
 	RESERVED
-CVE-2021-45029
-	RESERVED
+CVE-2021-45029 (Groovy Code Injection &amp; SpEL Injection which lead to Remote Code E ...)
+	TODO: check
 CVE-2021-45028
 	RESERVED
 CVE-2021-45027
@@ -5727,6 +5733,7 @@ CVE-2021-44354
 	RESERVED
 CVE-2021-4034
 	RESERVED
+	{DSA-5059-1 DLA-2899-1}
 	- policykit-1 0.105-31.1
 	NOTE: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
 	NOTE: https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683
@@ -7028,8 +7035,8 @@ CVE-2021-43865
 	RESERVED
 CVE-2021-43864
 	RESERVED
-CVE-2021-43863
-	RESERVED
+CVE-2021-43863 (The Nextcloud Android app is the Android client for Nextcloud, a self- ...)
+	TODO: check
 CVE-2021-43862 (jQuery Terminal Emulator is a plugin for creating command line interpr ...)
 	NOT-FOR-US: jQuery Terminal Emulator
 CVE-2021-43861 (Mermaid is a Javascript based diagramming and charting tool that uses  ...)
@@ -11879,8 +11886,8 @@ CVE-2021-41851
 	RESERVED
 CVE-2021-3851 (firefly-iii is vulnerable to URL Redirection to Untrusted Site ...)
 	NOT-FOR-US: firefly-iii
-CVE-2021-3850
-	RESERVED
+CVE-2021-3850 (Authentication Bypass by Primary Weakness in GitHub repository adodb/a ...)
+	TODO: check
 CVE-2021-3849
 	RESERVED
 CVE-2021-41850
@@ -18848,8 +18855,8 @@ CVE-2021-39033
 	RESERVED
 CVE-2021-39032 (IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores potential ...)
 	NOT-FOR-US: IBM
-CVE-2021-39031
-	RESERVED
+CVE-2021-39031 (IBM WebSphere Application Server - Liberty 17.0.0.3 through 22.0.0.1 c ...)
+	TODO: check
 CVE-2021-39030
 	RESERVED
 CVE-2021-39029
@@ -28682,23 +28689,22 @@ CVE-2021-34872 (This vulnerability allows remote attackers to execute arbitrary
 	NOT-FOR-US: Bentley View
 CVE-2021-34871 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: Bentley View
-CVE-2021-34870
-	RESERVED
-CVE-2021-34869
-	RESERVED
-CVE-2021-34868
-	RESERVED
-CVE-2021-34867
-	RESERVED
-CVE-2021-34866
-	RESERVED
+CVE-2021-34870 (This vulnerability allows network-adjacent attackers to disclose sensi ...)
+	TODO: check
+CVE-2021-34869 (This vulnerability allows local attackers to escalate privileges on af ...)
+	TODO: check
+CVE-2021-34868 (This vulnerability allows local attackers to escalate privileges on af ...)
+	TODO: check
+CVE-2021-34867 (This vulnerability allows local attackers to escalate privileges on af ...)
+	TODO: check
+CVE-2021-34866 (This vulnerability allows local attackers to escalate privileges on af ...)
 	- linux 5.14.6-1
 	[bullseye] - linux 5.10.70-1
 	[buster] - linux <not-affected> (Vulnerable code introduced later)
 	[stretch] - linux <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/linus/5b029a32cfe4600f5e10e36b41778506b90fd4de (5.14)
-CVE-2021-34865
-	RESERVED
+CVE-2021-34865 (This vulnerability allows network-adjacent attackers to bypass authent ...)
+	TODO: check
 CVE-2021-34864 (This vulnerability allows local attackers to escalate privileges on af ...)
 	NOT-FOR-US: Parallels Desktop
 CVE-2021-34863 (This vulnerability allows network-adjacent attackers to execute arbitr ...)
@@ -38165,6 +38171,7 @@ CVE-2021-30986 (A device configuration issue was addressed with an updated confi
 CVE-2021-30985 (An out-of-bounds write issue was addressed with improved bounds checki ...)
 	NOT-FOR-US: Apple
 CVE-2021-30984 (A race condition was addressed with improved state handling. This issu ...)
+	{DSA-5061-1 DSA-5060-1}
 	- webkit2gtk 2.34.4-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	- wpewebkit 2.34.4-1
@@ -38228,21 +38235,25 @@ CVE-2021-30956
 CVE-2021-30955 (A race condition was addressed with improved state handling. This issu ...)
 	NOT-FOR-US: Apple
 CVE-2021-30954 (A type confusion issue was addressed with improved memory handling. Th ...)
+	{DSA-5061-1 DSA-5060-1}
 	- webkit2gtk 2.34.4-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	- wpewebkit 2.34.4-1
 	NOTE: https://webkitgtk.org/security/WSA-2022-0001.html
 CVE-2021-30953 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+	{DSA-5061-1 DSA-5060-1}
 	- webkit2gtk 2.34.4-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	- wpewebkit 2.34.4-1
 	NOTE: https://webkitgtk.org/security/WSA-2022-0001.html
 CVE-2021-30952 (An integer overflow was addressed with improved input validation. This ...)
+	{DSA-5061-1 DSA-5060-1}
 	- webkit2gtk 2.34.4-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	- wpewebkit 2.34.4-1
 	NOTE: https://webkitgtk.org/security/WSA-2022-0001.html
 CVE-2021-30951 (A use after free issue was addressed with improved memory management.  ...)
+	{DSA-5061-1 DSA-5060-1}
 	- webkit2gtk 2.34.4-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	- wpewebkit 2.34.4-1
@@ -38276,6 +38287,7 @@ CVE-2021-30938 (This issue was addressed with improved checks. This issue is fix
 CVE-2021-30937 (A memory corruption vulnerability was addressed with improved locking. ...)
 	NOT-FOR-US: Apple
 CVE-2021-30936 (A use after free issue was addressed with improved memory management.  ...)
+	{DSA-5061-1 DSA-5060-1}
 	- webkit2gtk 2.34.4-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	- wpewebkit 2.34.4-1
@@ -38283,6 +38295,7 @@ CVE-2021-30936 (A use after free issue was addressed with improved memory manage
 CVE-2021-30935 (A logic issue was addressed with improved validation. This issue is fi ...)
 	NOT-FOR-US: Apple
 CVE-2021-30934 (A buffer overflow issue was addressed with improved memory handling. T ...)
+	{DSA-5061-1 DSA-5060-1}
 	- webkit2gtk 2.34.4-1
 	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
 	- wpewebkit 2.34.4-1
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022
index f10924caaa..6093f19ce4 100644
--- a/data/CVE/list.2022
+++ b/data/CVE/list.2022
@@ -1,3 +1,43 @@
+CVE-2022-23947
+	RESERVED
+CVE-2022-23946
+	RESERVED
+CVE-2022-23945 (Missing authentication on ShenYu Admin when register by HTTP. This iss ...)
+	TODO: check
+CVE-2022-23944 (User can access /plugin api without authentication. This issue affecte ...)
+	TODO: check
+CVE-2022-23943
+	RESERVED
+CVE-2022-23942
+	RESERVED
+CVE-2022-21184
+	RESERVED
+CVE-2022-0368
+	RESERVED
+CVE-2022-0367
+	RESERVED
+CVE-2022-0366
+	RESERVED
+CVE-2022-0365
+	RESERVED
+CVE-2022-0364
+	RESERVED
+CVE-2022-0363
+	RESERVED
+CVE-2022-0362
+	RESERVED
+CVE-2022-0361
+	RESERVED
+CVE-2022-0360
+	RESERVED
+CVE-2022-0359
+	RESERVED
+CVE-2022-0358
+	RESERVED
+CVE-2022-0357
+	RESERVED
+CVE-2022-0356
+	RESERVED
 CVE-2022-23941
 	RESERVED
 CVE-2022-23940
@@ -155,8 +195,8 @@ CVE-2022-23865
 	RESERVED
 CVE-2022-0352
 	RESERVED
-CVE-2022-0351
-	RESERVED
+CVE-2022-0351 (Access of Memory Location Before Start of Buffer in Conda vim prior to ...)
+	TODO: check
 CVE-2022-0350
 	RESERVED
 CVE-2022-0349
@@ -214,8 +254,8 @@ CVE-2022-23849
 	RESERVED
 CVE-2022-0339
 	RESERVED
-CVE-2022-0338
-	RESERVED
+CVE-2022-0338 (Improper Privilege Management in Conda loguru prior to 0.5.3. ...)
+	TODO: check
 CVE-2022-23848
 	RESERVED
 CVE-2022-23847
@@ -1547,8 +1587,8 @@ CVE-2022-0270
 	RESERVED
 CVE-2022-0269 (Cross-Site Request Forgery (CSRF) in Packagist yetiforce/yetiforce-crm ...)
 	TODO: check
-CVE-2022-0268
-	RESERVED
+CVE-2022-0268 (Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav prior to ...)
+	TODO: check
 CVE-2022-0267
 	RESERVED
 CVE-2022-23312
@@ -1808,8 +1848,8 @@ CVE-2022-23225
 	RESERVED
 CVE-2022-23224
 	RESERVED
-CVE-2022-23223
-	RESERVED
+CVE-2022-23223 (The HTTP response will disclose the user password. This issue affected ...)
+	TODO: check
 CVE-2022-23221 (H2 Console before 2.1.210 allows remote attackers to execute arbitrary ...)
 	- h2database <unfixed>
 	NOTE: https://github.com/h2database/h2database/releases/tag/version-2.1.210
@@ -2362,20 +2402,17 @@ CVE-2022-23037
 	RESERVED
 CVE-2022-23036
 	RESERVED
-CVE-2022-23035
-	RESERVED
+CVE-2022-23035 (Insufficient cleanup of passed-through device IRQs The management of I ...)
 	- xen <unfixed>
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	[stretch] - xen <end-of-life> (DSA 4602-1)
 	NOTE: https://xenbits.xen.org/xsa/advisory-395.html
-CVE-2022-23034
-	RESERVED
+CVE-2022-23034 (A PV guest could DoS Xen while unmapping a grant To address XSA-380, r ...)
 	- xen <unfixed>
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	[stretch] - xen <end-of-life> (DSA 4602-1)
 	NOTE: https://xenbits.xen.org/xsa/advisory-394.html
-CVE-2022-23033
-	RESERVED
+CVE-2022-23033 (arm: guest_physmap_remove_page not removing the p2m mappings The funct ...)
 	- xen <unfixed>
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	[stretch] - xen <end-of-life> (DSA 4602-1)
@@ -3090,7 +3127,7 @@ CVE-2022-22748
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-03/#CVE-2022-22748
 CVE-2022-22747
 	RESERVED
-	{DSA-5045-1 DSA-5044-1 DLA-2881-1 DLA-2880-1}
+	{DSA-5045-1 DSA-5044-1 DLA-2898-1 DLA-2881-1 DLA-2880-1}
 	- nss 2:3.73-1
 	- firefox 96.0-1
 	- firefox-esr 91.5.0esr-1
@@ -5690,8 +5727,8 @@ CVE-2022-21699 (IPython (Interactive Python) is a command shell for interactive
 	NOTE: https://ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699
 CVE-2022-21698
 	RESERVED
-CVE-2022-21697
-	RESERVED
+CVE-2022-21697 (Jupyter Server Proxy is a Jupyter notebook server extension to proxy w ...)
+	TODO: check
 CVE-2022-21696 (OnionShare is an open source tool that lets you securely and anonymous ...)
 	- onionshare <unfixed>
 	NOTE: https://github.com/onionshare/onionshare/security/advisories/GHSA-68vr-8f46-vc9f
@@ -6395,11 +6432,11 @@ CVE-2022-21367 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
 	- mysql-5.7 <removed>
 	- mysql-8.0 <unfixed>
 CVE-2022-21366 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
 CVE-2022-21365 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
@@ -6412,7 +6449,7 @@ CVE-2022-21362 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
 CVE-2022-21361 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	NOT-FOR-US: Oracle
 CVE-2022-21360 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
@@ -6454,12 +6491,12 @@ CVE-2022-21343
 CVE-2022-21342 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 CVE-2022-21341 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
 CVE-2022-21340 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
@@ -6532,7 +6569,7 @@ CVE-2022-21307 (Vulnerability in the MySQL Cluster product of Oracle MySQL (comp
 CVE-2022-21306 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	NOT-FOR-US: Oracle
 CVE-2022-21305 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
@@ -6549,7 +6586,7 @@ CVE-2022-21301 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
 CVE-2022-21300 (Vulnerability in the PeopleSoft Enterprise CS SA Integration Pack prod ...)
 	NOT-FOR-US: Oracle
 CVE-2022-21299 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
@@ -6558,26 +6595,26 @@ CVE-2022-21298 (Vulnerability in the Oracle Solaris product of Oracle Systems (c
 CVE-2022-21297 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 CVE-2022-21296 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
 CVE-2022-21295 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
 	- virtualbox <not-affected> (Windows-specific)
 CVE-2022-21294 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
 CVE-2022-21293 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
 CVE-2022-21292 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	NOT-FOR-US: Oracle
 CVE-2022-21291 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
@@ -6596,11 +6633,11 @@ CVE-2022-21285 (Vulnerability in the MySQL Cluster product of Oracle MySQL (comp
 CVE-2022-21284 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
 	NOT-FOR-US: MySQL Cluster
 CVE-2022-21283 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
 CVE-2022-21282 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
@@ -6613,7 +6650,7 @@ CVE-2022-21279 (Vulnerability in the MySQL Cluster product of Oracle MySQL (comp
 CVE-2022-21278 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 CVE-2022-21277 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
 CVE-2022-21276 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...)
@@ -6675,7 +6712,7 @@ CVE-2022-21250 (Vulnerability in the Oracle Trade Management product of Oracle E
 CVE-2022-21249 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed>
 CVE-2022-21248 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...)
-	{DSA-5057-1}
+	{DSA-5058-1 DSA-5057-1}
 	- openjdk-8 <unfixed>
 	- openjdk-11 11.0.14+9-1
 	- openjdk-17 17.0.2+8-1
author	security tracker role <sectracker@soriano.debian.org>	2022-01-25 20:10:20 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2022-01-25 20:10:20 +0000
commit	a8927b69c8e3b709c2e6e9d2c5fc22fd3eabe0c4 (patch)
tree	17dfd0afdc465cebe7a3c8f278863c8ce7e23511
parent	79b0d48fec5d366c5a82085f4b0d96f171ff2c32 (diff)