[Git][security-tracker-team/security-tracker][master] Track fixed version for asterisk issues

Sat, 07 Sep 2024 22:03:33 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f402f14b by Salvatore Bonaccorso at 2024-09-08T07:02:58+02:00
Track fixed version for asterisk issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -381,7 +381,11 @@ CVE-2024-44587 (itsourcecode Alton Management System 1.0 
is vulnerable to SQL In
 CVE-2024-42885 (SQL Injection vulnerability in ESAFENET CDG 5.6 and before 
allows an a ...)
        NOT-FOR-US: ESAFENET CDG
 CVE-2024-42491 (Asterisk is an open-source private branch exchange (PBX). 
Prior to ver ...)
-       TODO: check
+       - asterisk 1:20.9.3~dfsg+~cs6.14.60671435-1
+       NOTE: 
https://github.com/asterisk/asterisk/security/advisories/GHSA-v428-g3cw-7hv9
+       NOTE: 
https://github.com/asterisk/asterisk/commit/50bf8d4d3064930d28ecf1ce3397b14574d514d2
 (18.24.3)
+       NOTE: 
https://github.com/asterisk/asterisk/commit/a15050650abf09c10a3c135fab148220cd41d3a0
 (20.9.3)
+       NOTE: 
https://github.com/asterisk/asterisk/commit/4f01669c7c41c9184f3cce9a3cf1b2ebf6201742
 (21.4.3)
 CVE-2024-24759 (MindsDB is a platform for building artificial intelligence 
from enterp ...)
        NOT-FOR-US: MindsDB
 CVE-2023-51712 (An issue was discovered in Trusted Firmware-M through 2.0.0. 
The lack  ...)
@@ -6667,7 +6671,7 @@ CVE-2024-42408 (The InfoScan client download page can be 
intercepted with a prox
 CVE-2024-42366 (VRCX is an assistant/companion application for VRChat. In 
versions pri ...)
        NOT-FOR-US: VRCX
 CVE-2024-42365 (Asterisk is an open source private branch exchange (PBX) and 
telephony ...)
-       - asterisk <unfixed> (bug #1078574)
+       - asterisk 1:20.9.3~dfsg+~cs6.14.60671435-1 (bug #1078574)
        NOTE: 
https://github.com/asterisk/asterisk/security/advisories/GHSA-c4cg-9275-6w44
        NOTE: 
https://github.com/asterisk/asterisk/commit/b4063bf756272254b160b6d1bd6e9a3f8e16cc71
 (21.4.2)
        NOTE: 
https://github.com/asterisk/asterisk/commit/bbe68db10ab8a80c29db383e4dfe14f6eafaf993
 (20.9.2)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f402f14b5feb0f5c1d06b92f2c47350b640e20bf

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f402f14b5feb0f5c1d06b92f2c47350b640e20bf
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to