[Git][security-tracker-team/security-tracker][master] 2 commits: mark two asterisk CVEs as no-dsa for Jessie
Thorsten Alteholz
alteholz at debian.org
Mon Jul 22 12:13:36 BST 2019
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f68fe267 by Thorsten Alteholz at 2019-07-22T11:04:55Z
mark two asterisk CVEs as no-dsa for Jessie
- - - - -
b38aaa76 by Thorsten Alteholz at 2019-07-22T11:05:21Z
asterisk CVEs are no-dsa
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -3324,6 +3324,7 @@ CVE-2019-13161 (An issue was discovered in Asterisk Open Source through 13.27.0,
- asterisk 1:16.2.1~dfsg-2 (low; bug #931981)
[buster] - asterisk <no-dsa> (Minor issue)
[stretch] - asterisk <no-dsa> (Minor issue)
+ [jessie] - asterisk <no-dsa> (Minor issue)
NOTE: http://downloads.digium.com/pub/security/AST-2019-003.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28465
CVE-2019-13160
@@ -4227,6 +4228,7 @@ CVE-2019-12827 (Buffer overflow in res_pjsip_messaging in Digium Asterisk versio
- asterisk 1:16.2.1~dfsg-2 (bug #931980)
[buster] - asterisk <no-dsa> (Minor issue)
[stretch] - asterisk <no-dsa> (Minor issue)
+ [jessie] - asterisk <no-dsa> (Minor issue)
NOTE: https://downloads.asterisk.org/pub/security/AST-2019-002.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28447
CVE-2019-12826 (A Cross-Site-Request-Forgery (CSRF) vulnerability in widget_logic.php ...)
=====================================
data/dla-needed.txt
=====================================
@@ -9,8 +9,6 @@ To pick an issue, simply add your name behind it. To learn more about how
this list is updated have a look at
https://wiki.debian.org/LTS/Development#Triage_new_security_issues
---
-asterisk
--
cfengine3 (Mike Gabriel)
NOTE: 20190628: likely not affected by CVE-2019-9929, but other not-yet-CVE'ed issues ahead
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/5d8dab73ffccc7d12e2fc77e6f8db07aeb57035a...b38aaa7632c78c5a294ed5477745b4869e213237
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/5d8dab73ffccc7d12e2fc77e6f8db07aeb57035a...b38aaa7632c78c5a294ed5477745b4869e213237
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190722/81e69a0c/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list