[Secure-testing-commits] r47007 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Dec 12 20:43:01 UTC 2016
Author: carnil
Date: 2016-12-12 20:43:01 +0000 (Mon, 12 Dec 2016)
New Revision: 47007
Modified:
data/CVE/list
Log:
Update CVEs for asterisk
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-12-12 20:07:49 UTC (rev 47006)
+++ data/CVE/list 2016-12-12 20:43:01 UTC (rev 47007)
@@ -29,14 +29,14 @@
NOTE: Fixed by: https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1
NOTE: Starting with 5.4.0-1 Debian uses the system copy of libgd
NOTE: http://www.openwall.com/lists/oss-security/2016/12/12/2
-CVE-2016-XXXX [AST-2016-008]
+CVE-2016-9937 [AST-2016-008]
- asterisk <not-affected> (Introduced in 13.12.0 but fixed with first version to unstable based on 13.12.1)
NOTE: Vulnerability introduced in 13.12.0, but the first upload to unstable
NOTE: versioned as 1:13.12.1~dfsg-1 via opus.patch removed the offending
NOTE: function. Thus Debian was never vulnerable.
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-008.html
NOTE: Cf. https://bugs.debian.org/847666
-CVE-2016-XXXX [AST-2016-009]
+CVE-2016-9938 [AST-2016-009]
- asterisk <unfixed> (bug #847668)
[jessie] - asterisk <no-dsa> (Minor issue)
NOTE: http://downloads.asterisk.org/pub/security/AST-2016-009.html
More information about the Secure-testing-commits
mailing list