[Git][security-tracker-team/security-tracker][master] asterisk fixed in sid

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5ca88a70 by Moritz Mühlenhoff at 2022-07-30T20:15:40+02:00
asterisk fixed in sid
dovecot no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16989,6 +16989,8 @@ CVE-2022-30551 (OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to
 	NOT-FOR-US: OPC UA Legacy Java Stack
 CVE-2022-30550 (An issue was discovered in the auth component in Dovecot 2.2 and 2.3 b ...)
 	- dovecot <unfixed> (bug #1016351)
+	[bullseye] - dovecot <no-dsa> (Minor issue)
+	[buster] - dovecot <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/07/06/9
 	NOTE: https://github.com/dovecot/core/commit/7bad6a24160e34bce8f10e73dbbf9e5fbbcd1904
 	NOTE: https://github.com/dovecot/core/commit/a1022072e2ce36f853873d910287f466165b184b
@@ -33729,7 +33731,7 @@ CVE-2022-24794 (Express OpenID Connect is an Express JS middleware implementing
 	NOT-FOR-US: Express OpenID Connect
 CVE-2022-24793 (PJSIP is a free and open source multimedia communication library writt ...)
 	{DLA-3036-1}
-	- asterisk <unfixed> (bug #1014976)
+	- asterisk 1:18.14.0~~rc1~dfsg+~cs6.12.40431414-1 (bug #1014976)
 	[stretch] - asterisk <not-affected> (Vulnerable code not present)
 	- pjproject <removed>
 	- ring <unfixed> (bug #1014998)
@@ -33737,7 +33739,7 @@ CVE-2022-24793 (PJSIP is a free and open source multimedia communication library
 	NOTE: https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a
 CVE-2022-24792 (PJSIP is a free and open source multimedia communication library writt ...)
 	{DLA-3036-1}
-	- asterisk <unfixed> (bug #1014976)
+	- asterisk 1:18.14.0~~rc1~dfsg+~cs6.12.40431414-1 (bug #1014976)
 	[stretch] - asterisk <not-affected> (Vulnerable code not present)
 	- pjproject <removed>
 	- ring <unfixed> (unimportant)
@@ -33762,7 +33764,7 @@ CVE-2022-24788 (Vyper is a pythonic Smart Contract Language for the ethereum vir
 CVE-2022-24787 (Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual M ...)
 	NOT-FOR-US: Vyper
 CVE-2022-24786 (PJSIP is a free and open source multimedia communication library writt ...)
-	- asterisk <unfixed> (bug #1014976)
+	- asterisk 1:18.14.0~~rc1~dfsg+~cs6.12.40431414-1 (bug #1014976)
 	[stretch] - asterisk <not-affected> (Vulnerable code not present)
 	- pjproject <removed>
 	[stretch] - pjproject <not-affected> (Vulnerable code not present)
@@ -33853,7 +33855,7 @@ CVE-2022-24765 (Git for Windows is a fork of Git containing Windows-specific pat
 	NOTE: https://github.blog/2022-04-12-git-security-vulnerability-announced/
 CVE-2022-24764 (PJSIP is a free and open source multimedia communication library writt ...)
 	{DLA-2962-1}
-	- asterisk <unfixed> (bug #1014976)
+	- asterisk 1:18.14.0~~rc1~dfsg+~cs6.12.40431414-1 (bug #1014976)
 	[stretch] - asterisk <not-affected> (Vulnerable code not present)
 	- pjproject <unfixed>
 	- ring <unfixed> (bug #1014998)
@@ -33861,7 +33863,7 @@ CVE-2022-24764 (PJSIP is a free and open source multimedia communication library
 	NOTE: https://github.com/pjsip/pjproject/commit/560a1346f87aabe126509bb24930106dea292b00
 CVE-2022-24763 (PJSIP is a free and open source multimedia communication library writt ...)
 	{DLA-3036-1}
-	- asterisk <unfixed> (bug #1014976)
+	- asterisk 1:18.14.0~~rc1~dfsg+~cs6.12.40431414-1 (bug #1014976)
 	[stretch] - asterisk <not-affected> (Vulnerable code not present)
 	- pjproject <removed>
 	- ring <unfixed> (bug #1014998)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ca88a70568ce631357cc23edc35e5d4f1f1d402

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ca88a70568ce631357cc23edc35e5d4f1f1d402
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220730/b41e0803/attachment.htm>