[Secure-testing-commits] r21768 - data/CVE
Salvatore Bonaccorso
carnil at alioth.debian.org
Thu Mar 28 05:14:57 UTC 2013
Author: carnil
Date: 2013-03-28 05:14:56 +0000 (Thu, 28 Mar 2013)
New Revision: 21768
Modified:
data/CVE/list
Log:
add asterisk issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2013-03-27 21:14:26 UTC (rev 21767)
+++ data/CVE/list 2013-03-28 05:14:56 UTC (rev 21768)
@@ -46,10 +46,15 @@
RESERVED
CVE-2013-2687
RESERVED
-CVE-2013-2686
+CVE-2013-2686 [Denial of Service in HTTP server]
RESERVED
-CVE-2013-2685
+ - asterisk <unfixed>
+ NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-20967
+CVE-2013-2685 [Buffer Overflow Exploit Through SIP SDP Header]
RESERVED
+ - asterisk <unfixed>
+ NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-20901
+ TODO: check, tracker states that only 1.11.x is affected
CVE-2013-2684
RESERVED
CVE-2013-2683
@@ -1042,8 +1047,10 @@
- bind9 <unfixed>
CVE-2013-2265
RESERVED
-CVE-2013-2264
+CVE-2013-2264 [Username disclosure in SIP channel driver]
RESERVED
+ - asterisk <unfixed>
+ NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-21013
CVE-2013-2263 (Unspecified vulnerability in Citrix Access Gateway Standard Edition ...)
NOT-FOR-US: Citrix Access Gateway
CVE-2013-2262
More information about the Secure-testing-commits
mailing list