[Secure-testing-commits] r5573 - data/CVE
Florian Weimer
fw at alioth.debian.org
Thu Mar 22 10:38:21 CET 2007
Author: fw
Date: 2007-03-22 09:38:18 +0000 (Thu, 22 Mar 2007)
New Revision: 5573
Modified:
data/CVE/list
Log:
Asterisk 3rd party advisory linked
Other Asterisk issue, unclear if it affects 1.2 (sarge is okay)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2007-03-21 23:07:55 UTC (rev 5572)
+++ data/CVE/list 2007-03-22 09:38:18 UTC (rev 5573)
@@ -1,5 +1,10 @@
CVE-2007-XXXX [Single-packet SIP INVITE DoS in asterisk]
- asterisk <unfixed> (bug #415466; medium)
+ NOTE: http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html
+CVE-2007-XXXX [Asterisk segfault on SIP response code 0]
+ - asterisk <unfixed>
+ [sarge] - asterisk <not-affected> (correctly logs a warning)
+ NOTE: http://bugs.digium.com/view.php?id=9313
CVE-2007-1516 (PHP remote file inclusion vulnerability in functions/update.php in ...)
NOT-FOR-US: CcMail
CVE-2007-1515 (Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP H3 ...)
More information about the Secure-testing-commits
mailing list