Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c2d8fd94 by Moritz Muehlenhoff at 2022-07-14T19:07:27+02:00
more asterisk issues fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30889,8 +30889,7 @@ CVE-2022-24755 (Bareos is open source software for
backup, archiving, and recove
NOTE: https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/
CVE-2022-24754 (PJSIP is a free and open source multimedia communication
library writt ...)
{DLA-2962-1}
- - asterisk <unfixed>
- [stretch] - asterisk <not-affected> (Vulnerable code not present)
+ - asterisk <not-affected> (Vulnerable code not present)
- pjproject <removed>
- ring <unfixed>
NOTE:
https://github.com/pjsip/pjproject/security/advisories/GHSA-73f7-48m9-w662
@@ -47420,7 +47419,7 @@ CVE-2022-21723 (PJSIP is a free and open source
multimedia communication library
NOTE:
https://github.com/pjsip/pjproject/commit/077b465c33f0aec05a49cd2ca456f9a1b112e896
CVE-2022-21722 (PJSIP is a free and open source multimedia communication
library writt ...)
{DLA-2962-1}
- - asterisk <unfixed>
+ - asterisk 1:18.12.0~dfsg+~cs6.12.40431413-1
[stretch] - asterisk <not-affected> (Vulnerable code not present)
- pjproject <removed>
- ring <unfixed>
@@ -47950,7 +47949,7 @@ CVE-2021-43846 (`solidus_frontend` is the cart and
storefront for the Solidus e-
NOT-FOR-US: solidus_frontend
CVE-2021-43845 (PJSIP is a free and open source multimedia communication
library. In v ...)
{DLA-2962-1}
- - asterisk <unfixed>
+ - asterisk 1:18.12.0~dfsg+~cs6.12.40431413-1
[stretch] - asterisk <not-affected> (Vulnerable code not present)
- pjproject <removed>
- ring <unfixed>
@@ -48055,7 +48054,7 @@ CVE-2021-43805 (Solidus is a free, open-source
ecommerce platform built on Rails
NOT-FOR-US: Solidus
CVE-2021-43804 (PJSIP is a free and open source multimedia communication
library writt ...)
{DLA-2962-1}
- - asterisk <unfixed>
+ - asterisk 1:18.12.0~dfsg+~cs6.12.40431413-1
[stretch] - asterisk <not-affected> (Vulnerable code not present)
- pjproject <removed>
- ring <unfixed>
@@ -50373,7 +50372,7 @@ CVE-2021-43304 (Heap buffer overflow in Clickhouse's
LZ4 compression codec when
NOTE:
https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms/
CVE-2021-43303 (Buffer overflow in PJSUA API when calling pjsua_call_dump. An
attacker ...)
{DLA-2962-1}
- - asterisk <unfixed>
+ - asterisk 1:18.11.1~dfsg+~cs6.10.40431413-1
[stretch] - asterisk <not-affected> (Vulnerable code not present)
- pjproject <removed>
- ring <unfixed>
@@ -50381,7 +50380,7 @@ CVE-2021-43303 (Buffer overflow in PJSUA API when
calling pjsua_call_dump. An at
NOTE:
https://github.com/pjsip/pjproject/commit/d979253c924a686fa511d705be1f3ad0c5b20337
CVE-2021-43302 (Read out-of-bounds in PJSUA API when calling
pjsua_recorder_create. An ...)
{DLA-2962-1}
- - asterisk <unfixed>
+ - asterisk 1:18.11.1~dfsg+~cs6.10.40431413-1
[stretch] - asterisk <not-affected> (Vulnerable code not present)
- pjproject <removed>
- ring <unfixed>
@@ -50389,7 +50388,7 @@ CVE-2021-43302 (Read out-of-bounds in PJSUA API when
calling pjsua_recorder_crea
NOTE:
https://github.com/pjsip/pjproject/commit/d979253c924a686fa511d705be1f3ad0c5b20337
CVE-2021-43301 (Stack overflow in PJSUA API when calling
pjsua_playlist_create. An att ...)
{DLA-2962-1}
- - asterisk <unfixed>
+ - asterisk 1:18.11.1~dfsg+~cs6.10.40431413-1
[stretch] - asterisk <not-affected> (Vulnerable code not present)
- pjproject <removed>
- ring <unfixed>
@@ -50397,7 +50396,7 @@ CVE-2021-43301 (Stack overflow in PJSUA API when
calling pjsua_playlist_create.
NOTE:
https://github.com/pjsip/pjproject/commit/d979253c924a686fa511d705be1f3ad0c5b20337
CVE-2021-43300 (Stack overflow in PJSUA API when calling
pjsua_recorder_create. An att ...)
{DLA-2962-1}
- - asterisk <unfixed>
+ - asterisk 1:18.11.1~dfsg+~cs6.10.40431413-1
[stretch] - asterisk <not-affected> (Vulnerable code not present)
- pjproject <removed>
- ring <unfixed>
@@ -50405,7 +50404,7 @@ CVE-2021-43300 (Stack overflow in PJSUA API when
calling pjsua_recorder_create.
NOTE:
https://github.com/pjsip/pjproject/commit/d979253c924a686fa511d705be1f3ad0c5b20337
CVE-2021-43299 (Stack overflow in PJSUA API when calling pjsua_player_create.
An attac ...)
{DLA-2962-1}
- - asterisk <unfixed>
+ - asterisk 1:18.11.1~dfsg+~cs6.10.40431413-1
[stretch] - asterisk <not-affected> (Vulnerable code not present)
- pjproject <removed>
- ring <unfixed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2d8fd9402d6ea16308b27a94dd87343eb400787
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2d8fd9402d6ea16308b27a94dd87343eb400787
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
