Bug#1016974: sofia-sip: CVE-2022-31001 CVE-2022-31002 CVE-2022-31003
Evangelos Ribeiro Tzaras
devrtz-debian at fortysixandtwo.eu
Thu Aug 11 22:08:49 BST 2022
Hi Moritz,
On Wed, 2022-08-10 at 22:08 +0200, Moritz Mühlenhoff wrote:
> Source: sofia-sip
> X-Debbugs-CC: team at security.debian.org
> Severity: grave
> Tags: security
>
> Hi,
>
> The following vulnerabilities were published for sofia-sip.
I will try to apply the patches and prepare a release!
> CVE-2022-31001[0]:
...
> CVE-2022-31002[1]:
...
> CVE-2022-31003[2]:
...
>
> If you fix the vulnerabilities please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
ACK.
Is there a specific format needed when referencing the CVE?
> For further information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2022-31001
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31001
> [1] https://security-tracker.debian.org/tracker/CVE-2022-31002
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31002
> [2] https://security-tracker.debian.org/tracker/CVE-2022-31003
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31003
> Please adjust the affected versions in the BTS as needed.
Will do once I've checked in some detail.
--
Cheers,
Evangelos
PGP: B938 6554 B7DD 266B CB8E 29A9 90F0 C9B1 8A6B 4A19
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 878 bytes
Desc: This is a digitally signed message part
URL: <http://alioth-lists.debian.net/pipermail/pkg-voip-maintainers/attachments/20220811/063b6b71/attachment-0001.sig>
More information about the Pkg-voip-maintainers
mailing list