[Secure-testing-commits] r33480 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Apr 10 06:11:29 UTC 2015
Author: carnil
Date: 2015-04-10 06:11:29 +0000 (Fri, 10 Apr 2015)
New Revision: 33480
Modified:
data/CVE/list
Log:
Update CVE-2015-3008/asterisk
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-04-10 06:04:45 UTC (rev 33479)
+++ data/CVE/list 2015-04-10 06:11:29 UTC (rev 33480)
@@ -9,7 +9,9 @@
TODO: check
CVE-2015-3008 [asterisk: TLS Certificate Common name NULL byte exploit]
- asterisk <unfixed>
- TODO: check
+ NOTE: http://downloads.asterisk.org/pub/security/AST-2015-003.html
+ NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24847
+ NOTE: Patch: https://issues.asterisk.org/jira/secure/attachment/52082/asterisk-null-in-cn.patch
CVE-2015-3007
RESERVED
CVE-2015-3006
More information about the Secure-testing-commits
mailing list