[Secure-testing-commits] r46613 - data/CVE

[Brian May]

Author: bam
Date: 2016-11-28 06:24:13 +0000 (Mon, 28 Nov 2016)
New Revision: 46613

Modified:
   data/CVE/list
Log:
Add links to upstream Asterisk security advisories

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-11-28 06:16:38 UTC (rev 46612)
+++ data/CVE/list	2016-11-28 06:24:13 UTC (rev 46613)
@@ -76629,15 +76629,19 @@
 	RESERVED
 CVE-2014-2289 (res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk ...)
 	- asterisk <not-affected> (Only affects Asterisk 12.x)
+	NOTE: http://downloads.asterisk.org/pub/security/AST-2014-004.html
 CVE-2014-2288 (The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, ...)
 	- asterisk <not-affected> (Only affects Asterisk 12.x)
+	NOTE: http://downloads.asterisk.org/pub/security/AST-2014-003.html
 CVE-2014-2287 (channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, ...)
 	- asterisk 1:11.8.1~dfsg-1 (bug #741313)
 	[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
+	NOTE: http://downloads.asterisk.org/pub/security/AST-2014-002.html
 CVE-2014-2286 (main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x ...)
 	{DLA-455-1}
 	- asterisk 1:11.8.1~dfsg-1 (bug #741313)
 	[squeeze] - asterisk <end-of-life> (Unsupported in squeeze-lts)
+	NOTE: http://downloads.asterisk.org/pub/security/AST-2014-001.html
 CVE-2014-2283 (epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x ...)
 	{DSA-2871-1}
 	- wireshark 1.10.6-1