Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5ca88a70 by Moritz Mühlenhoff at 2022-07-30T20:15:40+02:00
asterisk fixed in sid
dovecot no-dsa
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16989,6 +16989,8 @@ CVE-2022-30551 (OPC UA Legacy Java Stack 2022-04-01
allows a remote attacker to
NOT-FOR-US: OPC UA Legacy Java Stack
CVE-2022-30550 (An issue was discovered in the auth component in Dovecot 2.2
and 2.3 b ...)
- dovecot <unfixed> (bug #1016351)
+ [bullseye] - dovecot <no-dsa> (Minor issue)
+ [buster] - dovecot <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2022/07/06/9
NOTE:
https://github.com/dovecot/core/commit/7bad6a24160e34bce8f10e73dbbf9e5fbbcd1904
NOTE:
https://github.com/dovecot/core/commit/a1022072e2ce36f853873d910287f466165b184b
@@ -33729,7 +33731,7 @@ CVE-2022-24794 (Express OpenID Connect is an Express JS
middleware implementing
NOT-FOR-US: Express OpenID Connect
CVE-2022-24793 (PJSIP is a free and open source multimedia communication
library writt ...)
{DLA-3036-1}
- - asterisk <unfixed> (bug #1014976)
+ - asterisk 1:18.14.0~~rc1~dfsg+~cs6.12.40431414-1 (bug #1014976)
[stretch] - asterisk <not-affected> (Vulnerable code not present)
- pjproject <removed>
- ring <unfixed> (bug #1014998)
@@ -33737,7 +33739,7 @@ CVE-2022-24793 (PJSIP is a free and open source
multimedia communication library
NOTE:
https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a
CVE-2022-24792 (PJSIP is a free and open source multimedia communication
library writt ...)
{DLA-3036-1}
- - asterisk <unfixed> (bug #1014976)
+ - asterisk 1:18.14.0~~rc1~dfsg+~cs6.12.40431414-1 (bug #1014976)
[stretch] - asterisk <not-affected> (Vulnerable code not present)
- pjproject <removed>
- ring <unfixed> (unimportant)
@@ -33762,7 +33764,7 @@ CVE-2022-24788 (Vyper is a pythonic Smart Contract
Language for the ethereum vir
CVE-2022-24787 (Vyper is a Pythonic Smart Contract Language for the Ethereum
Virtual M ...)
NOT-FOR-US: Vyper
CVE-2022-24786 (PJSIP is a free and open source multimedia communication
library writt ...)
- - asterisk <unfixed> (bug #1014976)
+ - asterisk 1:18.14.0~~rc1~dfsg+~cs6.12.40431414-1 (bug #1014976)
[stretch] - asterisk <not-affected> (Vulnerable code not present)
- pjproject <removed>
[stretch] - pjproject <not-affected> (Vulnerable code not present)
@@ -33853,7 +33855,7 @@ CVE-2022-24765 (Git for Windows is a fork of Git
containing Windows-specific pat
NOTE:
https://github.blog/2022-04-12-git-security-vulnerability-announced/
CVE-2022-24764 (PJSIP is a free and open source multimedia communication
library writt ...)
{DLA-2962-1}
- - asterisk <unfixed> (bug #1014976)
+ - asterisk 1:18.14.0~~rc1~dfsg+~cs6.12.40431414-1 (bug #1014976)
[stretch] - asterisk <not-affected> (Vulnerable code not present)
- pjproject <unfixed>
- ring <unfixed> (bug #1014998)
@@ -33861,7 +33863,7 @@ CVE-2022-24764 (PJSIP is a free and open source
multimedia communication library
NOTE:
https://github.com/pjsip/pjproject/commit/560a1346f87aabe126509bb24930106dea292b00
CVE-2022-24763 (PJSIP is a free and open source multimedia communication
library writt ...)
{DLA-3036-1}
- - asterisk <unfixed> (bug #1014976)
+ - asterisk 1:18.14.0~~rc1~dfsg+~cs6.12.40431414-1 (bug #1014976)
[stretch] - asterisk <not-affected> (Vulnerable code not present)
- pjproject <removed>
- ring <unfixed> (bug #1014998)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ca88a70568ce631357cc23edc35e5d4f1f1d402
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ca88a70568ce631357cc23edc35e5d4f1f1d402
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
