[Secure-testing-commits] r39885 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Wed Feb 24 09:10:12 UTC 2016
Author: sectracker
Date: 2016-02-24 09:10:12 +0000 (Wed, 24 Feb 2016)
New Revision: 39885
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-24 07:58:15 UTC (rev 39884)
+++ data/CVE/list 2016-02-24 09:10:12 UTC (rev 39885)
@@ -992,7 +992,7 @@
NOTE: https://github.com/python-pillow/Pillow/commit/41fae6d9e2da741d2c5464775c7f1a609ea03798
NOTE: Upstream confirmed that versions prior 2.7 are not vulnerable.
NOTE: https://github.com/python-pillow/Pillow/issues/1737
-CVE-2016-2232 [AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data]
+CVE-2016-2232 (Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before ...)
- asterisk <unfixed>
[jessie] - asterisk <no-dsa> (Minor issue)
[wheezy] - asterisk <no-dsa> (Minor issue)
@@ -1002,7 +1002,7 @@
NOTE: issue was introduced in 2006 with commit 0f5e4e47, so squeeze and previous also vulnerable
NOTE: patch for 11 / jessie: https://code.asterisk.org/code/changelog/asterisk?cs=da2573a3779425654543d6ac4c4dd6871ce16720
NOTE: all versions vulnerable, backport required for wheezy
-CVE-2016-2316 [AST-2016-002: File descriptor exhaustion in chan_sip]
+CVE-2016-2316 (chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and ...)
- asterisk <unfixed>
[jessie] - asterisk <no-dsa> (Minor issue)
[wheezy] - asterisk <no-dsa> (Minor issue)
More information about the Secure-testing-commits
mailing list