[Git][security-tracker-team/security-tracker][master] CVE-2025-57767,asterisk: bullseye is not affected
Markus Koschany (@apo)
apo at debian.org
Fri Oct 10 12:09:00 BST 2025
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7ac03e30 by Markus Koschany at 2025-10-10T13:08:51+02:00
CVE-2025-57767,asterisk: bullseye is not affected
The vulnerable code was introduced later in commit
https://github.com/gtjoseph/asterisk/commit/71a2e8c5998a1520ddc1ea2756c61c611a0d419e
pjsip_authorization_hdr function and related code in pj_status_t digest_lookup
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16566,6 +16566,7 @@ CVE-2025-57819 (FreePBX is an open-source web-based graphical user interface. Fr
NOT-FOR-US: FreePBX
CVE-2025-57767 (Asterisk is an open source private branch exchange and telephony toolk ...)
- asterisk 1:22.5.2~dfsg+~cs6.15.60671435-1 (bug #1112470)
+ [bullseye] - asterisk <not-affected> (The vulnerable code was introduced later)
NOTE: https://github.com/asterisk/asterisk/security/advisories/GHSA-64qc-9x89-rx5j
NOTE: https://github.com/asterisk/asterisk/pull/1407
NOTE: Fixed by: https://github.com/asterisk/asterisk/commit/02993717b08f899d4aca9888062f35dfb198584f
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ac03e30809a748f8228a2c5861aa6688f7afa5e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ac03e30809a748f8228a2c5861aa6688f7afa5e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251010/52d1de73/attachment.htm>
More information about the debian-security-tracker-commits
mailing list