[Secure-testing-commits] r12797 - in data: CVE NMU

Giuseppe Iuculano Sun, 13 Sep 2009 07:47:29 -0700

Author: derevko-guest
Date: 2009-09-13 14:47:22 +0000 (Sun, 13 Sep 2009)
New Revision: 12797


Modified:
   data/CVE/list
   data/NMU/list
Log:
- CVE-2009-2726 and CVE-2009-2651 fixed in asterisk 1:1.6.2.0~dfsg~rc1-1
- CVE-2009-1882 fixed in graphicsmagick 1.3.5-5.1


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2009-09-13 11:48:12 UTC (rev 12796)
+++ data/CVE/list       2009-09-13 14:47:22 UTC (rev 12797)
@@ -1570,7 +1570,7 @@
 CVE-2009-2727 (Stack-based buffer overflow in the _tt_internal_realpath 
function in ...)
        NOT-FOR-US: IBM AIX
 CVE-2009-2726 (The SIP channel driver in Asterisk Open Source 1.2.x before 
1.2.34, ...)
-       - asterisk <unfixed> (bug #541441)
+       - asterisk 1:1.6.2.0~dfsg~rc1-1 (bug #541441)
        [squeeze] - asterisk <not-affected> (Doesn't permit SIP packets to 
exceed 1500 bytes total)
        [lenny] - asterisk <not-affected> (Doesn't permit SIP packets to exceed 
1500 bytes total)
        [etch] - asterisk <not-affected> (Doesn't permit SIP packets to exceed 
1500 bytes total)
@@ -1982,7 +1982,7 @@
        NOTE: fixed in iceweasel 3.0.13 and 3.5.2, which have yet to be uploaded
        TODO: check whether other web browsers are affected and file bugs
 CVE-2009-2651 (main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows 
remote ...)
-       - asterisk <unfixed> (low; bug #539473)
+       - asterisk 1:1.6.2.0~dfsg~rc1-1 (low; bug #539473)
        [etch] - asterisk <not-affected> (Vulnerable code not present)
        [lenny] - asterisk <not-affected> (Vulnerable code not present)
        [squeeze] - asterisk <not-affected> (Vulnerable code not present)
@@ -4042,7 +4042,7 @@
 CVE-2009-1882 (Integer overflow in the XMakeImage function in magick/xwindow.c 
in ...)
        {DSA-1858-1}
        - imagemagick 7:6.5.1.0-1.1 (medium; bug #530838)
-       - graphicsmagick <unfixed> (medium; bug #530946)
+       - graphicsmagick 1.3.5-5.1 (medium; bug #530946)
 CVE-2009-1881 (Cross-site scripting (XSS) vulnerability in MT312 IMG-BBS 
allows ...)
        NOT-FOR-US: MT312
 CVE-2009-1880 (Cross-site scripting (XSS) vulnerability in MT312 REP-BBS 
allows ...)

Modified: data/NMU/list
===================================================================
--- data/NMU/list       2009-09-13 11:48:12 UTC (rev 12796)
+++ data/NMU/list       2009-09-13 14:47:22 UTC (rev 12797)
@@ -165,3 +165,4 @@
 2009-08-16 libxml2 2.7.3.dfsg-2.1
 2009-08-27 curl 7.19.5-1.1
 2009-09-08 strongswan 4.3.2-1.1
+2009-09-13 graphicsmagick 1.3.5-5.1


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r12797 - in data: CVE NMU

Reply via email to