[Secure-testing-commits] r31071 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jan 1 06:47:54 UTC 2015
Author: carnil
Date: 2015-01-01 06:47:54 +0000 (Thu, 01 Jan 2015)
New Revision: 31071
Modified:
data/CVE/list
Log:
Add fixed versions for asterisk upload
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-01 06:43:42 UTC (rev 31070)
+++ data/CVE/list 2015-01-01 06:47:54 UTC (rev 31071)
@@ -781,7 +781,7 @@
CVE-2014-9299
RESERVED
CVE-2014-9374 (Double free vulnerability in the WebSocket Server (res_http_websocket ...)
- - asterisk <unfixed> (bug #773230)
+ - asterisk 1:13.1.0~dfsg-1 (bug #773230)
[wheezy] - asterisk <not-affected> (Web socket code not yet present)
[squeeze] - asterisk <not-affected> (Web socket code not yet present)
NOTE: http://downloads.digium.com/pub/security/AST-2014-019.html
@@ -3792,43 +3792,43 @@
CVE-2014-8419 (Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read ...)
NOT-FOR-US: Wibu-Systems CodeMeter Runtime
CVE-2014-8418 (The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, ...)
- - asterisk <unfixed> (bug #771463)
+ - asterisk 1:13.1.0~dfsg-1 (bug #771463)
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24534
NOTE: http://downloads.digium.com/pub/security/AST-2014-018.html
CVE-2014-8417 (ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and ...)
- - asterisk <unfixed> (bug #771463)
+ - asterisk 1:13.1.0~dfsg-1 (bug #771463)
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24490
NOTE: http://downloads.digium.com/pub/security/AST-2014-017.html
CVE-2014-8416 (Use-after-free vulnerability in the PJSIP channel driver in Asterisk ...)
- - asterisk <unfixed>
+ - asterisk 1:13.1.0~dfsg-1
[jessie] - asterisk <not-affected> (PJSIP channel not available yet)
[wheezy] - asterisk <not-affected> (PJSIP channel not available yet)
[squeeze] - asterisk <not-affected> (PJSIP channel not available yet)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24471
NOTE: http://downloads.digium.com/pub/security/AST-2014-016.html
CVE-2014-8415 (Race condition in the chan_pjsip channel driver in Asterisk Open ...)
- - asterisk <unfixed>
+ - asterisk 1:13.1.0~dfsg-1
[jessie] - asterisk <not-affected> (PJSIP channel not available yet)
[wheezy] - asterisk <not-affected> (PJSIP channel not available yet)
[squeeze] - asterisk <not-affected> (PJSIP channel not available yet)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24471
NOTE: http://downloads.digium.com/pub/security/AST-2014-015.html
CVE-2014-8414 (ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 ...)
- - asterisk <unfixed> (bug #771463)
+ - asterisk 1:13.1.0~dfsg-1 (bug #771463)
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24440
NOTE: http://downloads.digium.com/pub/security/AST-2014-014.html
CVE-2014-8413 (The res_pjsip_acl module in Asterisk Open Source 12.x before 12.7.1 ...)
- - asterisk <unfixed>
+ - asterisk 1:13.1.0~dfsg-1
[jessie] - asterisk <not-affected> (PJSIP channel not available yet)
[wheezy] - asterisk <not-affected> (PJSIP channel not available yet)
[squeeze] - asterisk <not-affected> (PJSIP channel not available yet)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24531
NOTE: http://downloads.digium.com/pub/security/AST-2014-013.html
CVE-2014-8412 (The (1) VoIP channel drivers, (2) DUNDi, and (3) Asterisk Manager ...)
- - asterisk <unfixed> (bug #771463)
+ - asterisk 1:13.1.0~dfsg-1 (bug #771463)
[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24469
NOTE: http://downloads.digium.com/pub/security/AST-2014-012.html
More information about the Secure-testing-commits
mailing list