[Secure-testing-commits] r8376 - in data: CVE DSA
jmm-guest at alioth.debian.org
jmm-guest at alioth.debian.org
Thu Mar 20 14:11:02 UTC 2008
Author: jmm-guest
Date: 2008-03-20 14:11:00 +0000 (Thu, 20 Mar 2008)
New Revision: 8376
Modified:
data/CVE/list
data/DSA/list
Log:
latest asterisk DSA
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2008-03-19 21:31:59 UTC (rev 8375)
+++ data/CVE/list 2008-03-20 14:11:00 UTC (rev 8376)
@@ -1,7 +1,10 @@
CVE-2008-1391
RESERVED
-CVE-2008-1390
+CVE-2008-1390 [AST-2008-005: HTTP Manager ID is predictable]
RESERVED
+ - asterisk <unfixed> (low)
+ [etch] - asterisk <not-affected> (Only 1.4.x affected)
+ [sarge] - asterisk <not-affected> (Only 1.4.x affected)
CVE-2008-1389
RESERVED
CVE-2008-1388
@@ -116,10 +119,12 @@
NOT-FOR-US: NetBSD
CVE-2008-1334 (cgi/b on the BT Home Hub router allows remote attackers to bypass ...)
NOT-FOR-US: BT Home Hub router
-CVE-2008-1333
+CVE-2008-1333 [AST-2008-004: Format String Vulnerability in Logger and Manager]
RESERVED
- asterisk 1:1.4.18.1~dfsg-1 (medium)
-CVE-2008-1332
+ NOTE: Etch's release is unimportant, since not exploitable, but was fixed anyway
+ [sarge] - asterisk <not-affected> (Only 1.6.x affected)
+CVE-2008-1332 [AST-2008-003: Unauthenticated calls allowed from SIP channel driver]
RESERVED
- asterisk 1:1.4.18.1~dfsg-1 (medium)
CVE-2008-1331
@@ -200,9 +205,11 @@
RESERVED
CVE-2008-1290
RESERVED
-CVE-2008-1289
+CVE-2008-1289 [AST-2008-002: Two buffer overflows in RTP Codec Payload Handling]
RESERVED
- asterisk 1:1.4.18.1~dfsg-1 (medium)
+ [etch] - asterisk <not-affected> (Only 1.4.x and above affected)
+ [sarge] - asterisk <not-affected> (Only 1.4.x and above affected)
CVE-2007-6710
RESERVED
CVE-2007-6709 (The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and ...)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2008-03-19 21:31:59 UTC (rev 8375)
+++ data/DSA/list 2008-03-20 14:11:00 UTC (rev 8376)
@@ -1,3 +1,6 @@
+[20 Mar 2008] DSA-1525-1 asterisk
+ {CVE-2007-6430 CVE-2008-1332 CVE-2008-1333}
+ [etch] - asterisk 1:1.2.13~dfsg-2etch3
[18 Mar 2008] DSA-1524-1 krb5 - multiple vulnerabilities
{CVE-2008-0062 CVE-2008-0063 CVE-2008-0947}
[sarge] - krb5 1.3.6-2sarge6
More information about the Secure-testing-commits
mailing list