[Git][security-tracker-team/security-tracker][master] Add CVE-2022-23608/pjproject
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Feb 23 09:00:26 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
412616b9 by Salvatore Bonaccorso at 2022-02-23T09:58:56+01:00
Add CVE-2022-23608/pjproject
For asterisk and ring the security impact need yet to be checked (and
then tracked in case they are impacted).
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6612,7 +6612,10 @@ CVE-2022-23610
CVE-2022-23609 (iTunesRPC-Remastered is a Discord Rich Presence for iTunes on Windows ...)
NOT-FOR-US: iTunesRPC-Remastered
CVE-2022-23608 (PJSIP is a free and open source multimedia communication library writt ...)
- TODO: check
+ - pjproject <removed>
+ NOTE: https://github.com/pjsip/pjproject/security/advisories/GHSA-ffff-m5fm-qm62
+ NOTE: https://github.com/pjsip/pjproject/commit/db3235953baa56d2fb0e276ca510fefca751643f
+ TODO: check if it has security impact for asterisk/ring
CVE-2022-23607 (treq is an HTTP library inspired by requests but written on top of Twi ...)
- python-treq <unfixed> (bug #1005041)
NOTE: https://github.com/twisted/treq/security/advisories/GHSA-fhpf-pp6p-55qc
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/412616b9c408433e717eaf97e5169c00ef12647a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/412616b9c408433e717eaf97e5169c00ef12647a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220223/95aac3cd/attachment.htm>
More information about the debian-security-tracker-commits
mailing list