[Secure-testing-commits] r31824 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jan 29 15:47:01 UTC 2015
Author: carnil
Date: 2015-01-29 15:47:01 +0000 (Thu, 29 Jan 2015)
New Revision: 31824
Modified:
data/CVE/list
Log:
Add another asterisk issue, AST-2015-002
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-01-29 15:46:53 UTC (rev 31823)
+++ data/CVE/list 2015-01-29 15:47:01 UTC (rev 31824)
@@ -1,3 +1,7 @@
+CVE-2015-XXXX [AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability]
+ - asterisk <unfixed>
+ NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24676
+ NOTE: http://downloads.digium.com/pub/security/AST-2015-002.html
CVE-2015-XXXX [AST-2015-001: File descriptor leak when incompatible codecs are offered]
- asterisk <unfixed>
[jessie] - asterisk <not-affected> (Only affects 12.x and 13.x)
More information about the Secure-testing-commits
mailing list