[Git][security-tracker-team/security-tracker][master] Track fixed version for asterisk issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Sep 8 06:03:25 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f402f14b by Salvatore Bonaccorso at 2024-09-08T07:02:58+02:00
Track fixed version for asterisk issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -381,7 +381,11 @@ CVE-2024-44587 (itsourcecode Alton Management System 1.0 is vulnerable to SQL In
CVE-2024-42885 (SQL Injection vulnerability in ESAFENET CDG 5.6 and before allows an a ...)
NOT-FOR-US: ESAFENET CDG
CVE-2024-42491 (Asterisk is an open-source private branch exchange (PBX). Prior to ver ...)
- TODO: check
+ - asterisk 1:20.9.3~dfsg+~cs6.14.60671435-1
+ NOTE: https://github.com/asterisk/asterisk/security/advisories/GHSA-v428-g3cw-7hv9
+ NOTE: https://github.com/asterisk/asterisk/commit/50bf8d4d3064930d28ecf1ce3397b14574d514d2 (18.24.3)
+ NOTE: https://github.com/asterisk/asterisk/commit/a15050650abf09c10a3c135fab148220cd41d3a0 (20.9.3)
+ NOTE: https://github.com/asterisk/asterisk/commit/4f01669c7c41c9184f3cce9a3cf1b2ebf6201742 (21.4.3)
CVE-2024-24759 (MindsDB is a platform for building artificial intelligence from enterp ...)
NOT-FOR-US: MindsDB
CVE-2023-51712 (An issue was discovered in Trusted Firmware-M through 2.0.0. The lack ...)
@@ -6667,7 +6671,7 @@ CVE-2024-42408 (The InfoScan client download page can be intercepted with a prox
CVE-2024-42366 (VRCX is an assistant/companion application for VRChat. In versions pri ...)
NOT-FOR-US: VRCX
CVE-2024-42365 (Asterisk is an open source private branch exchange (PBX) and telephony ...)
- - asterisk <unfixed> (bug #1078574)
+ - asterisk 1:20.9.3~dfsg+~cs6.14.60671435-1 (bug #1078574)
NOTE: https://github.com/asterisk/asterisk/security/advisories/GHSA-c4cg-9275-6w44
NOTE: https://github.com/asterisk/asterisk/commit/b4063bf756272254b160b6d1bd6e9a3f8e16cc71 (21.4.2)
NOTE: https://github.com/asterisk/asterisk/commit/bbe68db10ab8a80c29db383e4dfe14f6eafaf993 (20.9.2)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f402f14b5feb0f5c1d06b92f2c47350b640e20bf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f402f14b5feb0f5c1d06b92f2c47350b640e20bf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240908/b6885052/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list