[Secure-testing-commits] r40651 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Mar 30 04:59:13 UTC 2016 

Author: carnil
Date: 2016-03-30 04:59:13 +0000 (Wed, 30 Mar 2016)
New Revision: 40651

Modified:
   data/CVE/list
Log:
Some asterisk issues fixed in unstable with recent update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-03-30 04:51:07 UTC (rev 40650)
+++ data/CVE/list	2016-03-30 04:59:13 UTC (rev 40651)
@@ -4036,7 +4036,7 @@
 	NOTE: Upstream confirmed that versions prior 2.7 are not vulnerable.
 	NOTE: https://github.com/python-pillow/Pillow/issues/1737
 CVE-2016-2232 (Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before ...)
-	- asterisk <unfixed>
+	- asterisk 1:13.7.2~dfsg-1
 	[jessie] - asterisk <no-dsa> (Minor issue)
 	[wheezy] - asterisk <no-dsa> (Minor issue)
 	[squeeze] - asterisk <end-of-life> (Not supported in Squeeze LTS)
@@ -4046,7 +4046,7 @@
 	NOTE: patch for 11 / jessie: https://code.asterisk.org/code/changelog/asterisk?cs=da2573a3779425654543d6ac4c4dd6871ce16720
 	NOTE: all versions vulnerable, backport required for wheezy
 CVE-2016-2316 (chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and ...)
-	- asterisk <unfixed>
+	- asterisk 1:13.7.2~dfsg-1
 	[jessie] - asterisk <no-dsa> (Minor issue)
 	[wheezy] - asterisk <no-dsa> (Minor issue)
 	[squeeze] - asterisk <end-of-life> (Not supported in Squeeze LTS)
@@ -26945,7 +26945,7 @@
 	NOTE: Patch: http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=55199296N2gFqH1Hm5GOnhrk9Ypygg
 	NOTE: http://www.openwall.com/lists/oss-security/2015/04/09/5
 CVE-2015-3008 (Asterisk Open Source 1.8 before 1.8.32.3, 11.x before 11.17.1, 12.x ...)
-	- asterisk <unfixed> (bug #782411)
+	- asterisk 1:13.7.2~dfsg-1 (bug #782411)
 	[squeeze] - asterisk <end-of-life> (Not supported in Squeeze LTS)
 	NOTE: http://downloads.asterisk.org/pub/security/AST-2015-003.html
 	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-24847
@@ -103504,7 +103504,7 @@
 	NOTE: Pound 2.6-2 added an anti_beast.patch to mitigate BEAST attacks.
 	- erlang 1:15.b-dfsg-1
 	[squeeze] - erlang <no-dsa> (Minor issue)
-	- asterisk <unfixed>
+	- asterisk 1:13.7.2~dfsg-1
 	[jessie] - asterisk <no-dsa> (Minor issue)
 	[wheezy] - asterisk <no-dsa> (Minor issue)
 	[squeeze] - asterisk <end-of-life> (Not supported in Squeeze LTS)

More information about the Secure-testing-commits mailing list