Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7ac03e30 by Markus Koschany at 2025-10-10T13:08:51+02:00 CVE-2025-57767,asterisk: bullseye is not affected The vulnerable code was introduced later in commit https://github.com/gtjoseph/asterisk/commit/71a2e8c5998a1520ddc1ea2756c61c611a0d419e pjsip_authorization_hdr function and related code in pj_status_t digest_lookup - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -16566,6 +16566,7 @@ CVE-2025-57819 (FreePBX is an open-source web-based graphical user interface. Fr NOT-FOR-US: FreePBX CVE-2025-57767 (Asterisk is an open source private branch exchange and telephony toolk ...) - asterisk 1:22.5.2~dfsg+~cs6.15.60671435-1 (bug #1112470) + [bullseye] - asterisk <not-affected> (The vulnerable code was introduced later) NOTE: https://github.com/asterisk/asterisk/security/advisories/GHSA-64qc-9x89-rx5j NOTE: https://github.com/asterisk/asterisk/pull/1407 NOTE: Fixed by: https://github.com/asterisk/asterisk/commit/02993717b08f899d4aca9888062f35dfb198584f View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ac03e30809a748f8228a2c5861aa6688f7afa5e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7ac03e30809a748f8228a2c5861aa6688f7afa5e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
