[Secure-testing-commits] r12797 - in data: CVE NMU

Giuseppe Iuculano derevko-guest at alioth.debian.org
Sun Sep 13 14:47:22 UTC 2009 

Author: derevko-guest
Date: 2009-09-13 14:47:22 +0000 (Sun, 13 Sep 2009)
New Revision: 12797

Modified:
   data/CVE/list
   data/NMU/list
Log:
- CVE-2009-2726 and CVE-2009-2651 fixed in asterisk 1:1.6.2.0~dfsg~rc1-1
- CVE-2009-1882 fixed in graphicsmagick 1.3.5-5.1


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2009-09-13 11:48:12 UTC (rev 12796)
+++ data/CVE/list	2009-09-13 14:47:22 UTC (rev 12797)
@@ -1570,7 +1570,7 @@
 CVE-2009-2727 (Stack-based buffer overflow in the _tt_internal_realpath function in ...)
 	NOT-FOR-US: IBM AIX
 CVE-2009-2726 (The SIP channel driver in Asterisk Open Source 1.2.x before 1.2.34, ...)
-	- asterisk <unfixed> (bug #541441)
+	- asterisk 1:1.6.2.0~dfsg~rc1-1 (bug #541441)
 	[squeeze] - asterisk <not-affected> (Doesn't permit SIP packets to exceed 1500 bytes total)
 	[lenny] - asterisk <not-affected> (Doesn't permit SIP packets to exceed 1500 bytes total)
 	[etch] - asterisk <not-affected> (Doesn't permit SIP packets to exceed 1500 bytes total)
@@ -1982,7 +1982,7 @@
 	NOTE: fixed in iceweasel 3.0.13 and 3.5.2, which have yet to be uploaded
 	TODO: check whether other web browsers are affected and file bugs
 CVE-2009-2651 (main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote ...)
-	- asterisk <unfixed> (low; bug #539473)
+	- asterisk 1:1.6.2.0~dfsg~rc1-1 (low; bug #539473)
 	[etch] - asterisk <not-affected> (Vulnerable code not present)
 	[lenny] - asterisk <not-affected> (Vulnerable code not present)
 	[squeeze] - asterisk <not-affected> (Vulnerable code not present)
@@ -4042,7 +4042,7 @@
 CVE-2009-1882 (Integer overflow in the XMakeImage function in magick/xwindow.c in ...)
 	{DSA-1858-1}
 	- imagemagick 7:6.5.1.0-1.1 (medium; bug #530838)
-	- graphicsmagick <unfixed> (medium; bug #530946)
+	- graphicsmagick 1.3.5-5.1 (medium; bug #530946)
 CVE-2009-1881 (Cross-site scripting (XSS) vulnerability in MT312 IMG-BBS allows ...)
 	NOT-FOR-US: MT312
 CVE-2009-1880 (Cross-site scripting (XSS) vulnerability in MT312 REP-BBS allows ...)

Modified: data/NMU/list
===================================================================
--- data/NMU/list	2009-09-13 11:48:12 UTC (rev 12796)
+++ data/NMU/list	2009-09-13 14:47:22 UTC (rev 12797)
@@ -165,3 +165,4 @@
 2009-08-16 libxml2 2.7.3.dfsg-2.1
 2009-08-27 curl 7.19.5-1.1
 2009-09-08 strongswan 4.3.2-1.1
+2009-09-13 graphicsmagick 1.3.5-5.1

More information about the Secure-testing-commits mailing list