[Secure-testing-commits] r21868 - data/CVE

Salvatore Bonaccorso carnil at alioth.debian.org
Sun Apr 7 19:48:18 UTC 2013


Author: carnil
Date: 2013-04-07 19:48:18 +0000 (Sun, 07 Apr 2013)
New Revision: 21868

Modified:
   data/CVE/list
Log:
CVE-2013-2686 does not affect asterisk in stable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-04-07 19:46:37 UTC (rev 21867)
+++ data/CVE/list	2013-04-07 19:48:18 UTC (rev 21868)
@@ -162,6 +162,7 @@
 	RESERVED
 CVE-2013-2686 (main/http.c in the HTTP server in Asterisk Open Source 1.8.x before ...)
 	- asterisk <unfixed> (bug #704114)
+	[squeeze] - asterisk <not-affected> (httpd code does not read HTTP POST variables)
 	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-20967
 CVE-2013-2685 (Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk ...)
 	- asterisk <not-affected> (H264 code not yet present)




More information about the Secure-testing-commits mailing list