[Secure-testing-commits] r39444 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Feb 4 06:04:46 UTC 2016
Author: carnil
Date: 2016-02-04 06:04:46 +0000 (Thu, 04 Feb 2016)
New Revision: 39444
Modified:
data/CVE/list
Log:
Add three new asterisk issues
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-04 01:08:21 UTC (rev 39443)
+++ data/CVE/list 2016-02-04 06:04:46 UTC (rev 39444)
@@ -1,3 +1,18 @@
+CVE-2016-XXXX [AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data]
+ - asterisk <unfixed>
+ NOTE: http://downloads.asterisk.org/pub/security/AST-2016-003.html
+ NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-25603
+ TODO: check versions
+CVE-2016-XXXX [AST-2016-002: File descriptor exhaustion in chan_sip]
+ - asterisk <unfixed>
+ NOTE: http://downloads.asterisk.org/pub/security/AST-2016-002.html
+ NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-25397
+ TODO: check versions
+CVE-2016-XXXX [AST-2016-001: BEAST vulnerability in HTTP server]
+ - asterisk <unfixed>
+ NOTE: http://downloads.digium.com/pub/security/AST-2016-001.html
+ NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24972
+ TODO: check versions
CVE-2016-XXXX [simpleid: passwords are stored as MD5]
- simpleid <unfixed> (bug #813611)
CVE-2016-XXXX [reflected cross-site scripting]
More information about the Secure-testing-commits
mailing list