[Git][security-tracker-team/security-tracker][master] Add CVE-2023-38703/pjproject

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a4c1e18b by Salvatore Bonaccorso at 2023-10-19T22:14:23+02:00
Add CVE-2023-38703/pjproject

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2308,7 +2308,11 @@ CVE-2023-40008 (Cross-Site Request Forgery (CSRF) vulnerability in Gangesh Matta
 CVE-2023-3725 (Potential buffer overflow vulnerability in the Zephyr CAN bus subsyste ...)
 	NOT-FOR-US: Zephyr RTOS (unrelated to src:zephyr)
 CVE-2023-38703 (PJSIP is a free and open source multimedia communication library writt ...)
-	TODO: check
+	- asterisk <undetermined>
+	- pjproject <removed>
+	- ring <undetermined>
+	NOTE: https://github.com/pjsip/pjproject/security/advisories/GHSA-f76w-fh7c-pc66
+	NOTE: https://github.com/pjsip/pjproject/commit/6dc9b8c181aff39845f02b4626e0812820d4ef0d
 CVE-2023-36465 (Decidim is a participatory democracy framework, written in Ruby on Rai ...)
 	NOT-FOR-US: Decidim
 CVE-2023-35897 (IBM Spectrum Protect Client and IBM Storage Protect for Virtual Enviro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4c1e18bd11bd17fbee72cf4246d3fe29496307a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4c1e18bd11bd17fbee72cf4246d3fe29496307a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231019/fc321b54/attachment.htm>