[Git][security-tracker-team/security-tracker][master] Reserve DLA-3036-1 for pjproject

Abhijith PA (@abhijith) abhijith at debian.org
Tue May 31 09:46:32 BST 2022 


Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker


Commits:
aa6d4125 by Abhijith PA at 2022-05-31T14:15:55+05:30
Reserve DLA-3036-1 for pjproject

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -20779,7 +20779,6 @@ CVE-2022-24763 (PJSIP is a free and open source multimedia communication library
 	- asterisk <unfixed>
 	[stretch] - asterisk <not-affected> (Vulnerable code not present)
 	- pjproject <removed>
-	[stretch] - pjproject <postponed> (Minor issue, infinite loop DoS)
 	- ring <unfixed>
 	NOTE: https://github.com/pjsip/pjproject/security/advisories/GHSA-5x45-qp78-g4p4
 	NOTE: https://github.com/pjsip/pjproject/commit/856f87c2e97a27b256482dbe0d748b1194355a21


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[31 May 2022] DLA-3036-1 pjproject - security update
+	{CVE-2022-24763 CVE-2022-24792 CVE-2022-24793}
+	[stretch] - pjproject 2.5.5~dfsg-6+deb9u5
 [30 May 2022] DLA-3035-1 libdbi-perl - security update
 	{CVE-2014-10402}
 	[stretch] - libdbi-perl 1.636-1+deb9u2


=====================================
data/dla-needed.txt
=====================================
@@ -233,10 +233,6 @@ pdns
 pidgin (Andreas Rönnquist)
   NOTE: 20220529: Programming language: C.
 --
-pjproject (Abhijith PA)
-  NOTE: 20220529: Programming language: C.
-  NOTE: 20220527: Same CVE asterisk (abhijith)
---
 plinth
   NOTE: 20220529: Programming language: Python.
   NOTE: 20220524: Follow buster: harmonize with with Debian 10.7 and 10.10 (2 CVEs) (Beuc/front-desk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa6d4125ae9d9784e5916371f47c21203309df32

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aa6d4125ae9d9784e5916371f47c21203309df32
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220531/a091520f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list