[Git][security-tracker-team/security-tracker][master] Reserve DLA-2969-1 for asterisk
Abhijith PA (@abhijith)
abhijith at debian.org
Sun Apr 3 06:48:19 BST 2022
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker
Commits:
022be0ce by Abhijith PA at 2022-04-03T11:17:57+05:30
Reserve DLA-2969-1 for asterisk
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -99736,7 +99736,6 @@ CVE-2020-28243 (An issue was discovered in SaltStack Salt before 3002.5. The min
CVE-2020-28242 (An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 1 ...)
- asterisk 1:16.15.0~dfsg-1 (bug #974713)
[buster] - asterisk <no-dsa> (Minor issue)
- [stretch] - asterisk <no-dsa> (Minor issue)
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-29013
NOTE: http://downloads.asterisk.org/pub/security/AST-2020-002.html
CVE-2020-28241 (libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_en ...)
@@ -169452,7 +169451,6 @@ CVE-2019-18977
RESERVED
CVE-2019-18976 (An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through ...)
- asterisk 1:16.1.1~dfsg-1
- [stretch] - asterisk <no-dsa> (Minor issue)
[jessie] - asterisk <not-affected> (Vulnerable code not present)
NOTE: https://downloads.asterisk.org/pub/security/AST-2019-008.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28612
@@ -169984,7 +169982,6 @@ CVE-2019-18790 (An issue was discovered in channels/chan_sip.c in Sangoma Asteri
{DLA-2017-1}
- asterisk 1:16.10.0~dfsg-1 (bug #947381)
[buster] - asterisk 1:16.2.1~dfsg-1+deb10u2
- [stretch] - asterisk <no-dsa> (Minor issue)
NOTE: https://downloads.asterisk.org/pub/security/AST-2019-006.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28589
CVE-2019-18789
@@ -172608,7 +172605,6 @@ CVE-2019-18610 (An issue was discovered in manager.c in Sangoma Asterisk through
{DLA-2017-1}
- asterisk 1:16.10.0~dfsg-1 (bug #947377)
[buster] - asterisk 1:16.2.1~dfsg-1+deb10u2
- [stretch] - asterisk <no-dsa> (Minor issue)
NOTE: https://downloads.asterisk.org/pub/security/AST-2019-007.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28580
CVE-2019-18609 (An issue was discovered in amqp_handle_input in amqp_connection.c in r ...)
@@ -191090,7 +191086,6 @@ CVE-2019-13162
CVE-2019-13161 (An issue was discovered in Asterisk Open Source through 13.27.0, 14.x ...)
- asterisk 1:16.2.1~dfsg-2 (low; bug #931981)
[buster] - asterisk 1:16.2.1~dfsg-1+deb10u1
- [stretch] - asterisk <no-dsa> (Minor issue)
[jessie] - asterisk <postponed> (Minor issue)
NOTE: http://downloads.digium.com/pub/security/AST-2019-003.html
NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28465
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[03 Apr 2022] DLA-2969-1 asterisk - security update
+ {CVE-2019-13161 CVE-2019-18610 CVE-2019-18790 CVE-2019-18976 CVE-2020-28242}
+ [stretch] - asterisk 1:13.14.1~dfsg-2+deb9u6
[02 Apr 2022] DLA-2968-1 zlib - security update
{CVE-2018-25032}
[stretch] - zlib 1:1.2.8.dfsg-5+deb9u1
=====================================
data/dla-needed.txt
=====================================
@@ -20,10 +20,6 @@ ansible
NOTE: 20210411: after that LTS. (apo)
NOTE: 20210426: https://people.debian.org/~apo/lts/ansible/
--
-asterisk (Abhijith PA)
- NOTE: 20220314: Looking on back log no-dsa (abhijith)
- NOTE: 20220322: https://people.debian.org/~abhijith/upload/vda/asterisk_13.14.1~dfsg-2+deb9u6.dsc (abhijith)
---
ckeditor
NOTE: 20220402: multiple pendings vulnerabilities (Beuc)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/022be0cee759f7f86e657013407b26dc9af49eb7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/022be0cee759f7f86e657013407b26dc9af49eb7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220403/b2d08baa/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list