Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
385c80e0 by Neil Williams at 2022-04-26T08:39:32+01:00
CVE-2022-24754 asterisk & ring both enable the vulnerable hashed digest code
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13830,10 +13830,11 @@ CVE-2022-24755 (Bareos is open source software for
backup, archiving, and recove
NOTE: https://huntr.dev/bounties/480121f2-bc3c-427e-986e-5acffb1606c5/
CVE-2022-24754 (PJSIP is a free and open source multimedia communication
library writt ...)
{DLA-2962-1}
+ - asterisk <unfixed>
- pjproject <removed>
+ - ring <unfixed>
NOTE:
https://github.com/pjsip/pjproject/security/advisories/GHSA-73f7-48m9-w662
NOTE:
https://github.com/pjsip/pjproject/commit/d27f79da11df7bc8bb56c2f291d71e54df8d2c47
- TODO: check impact on src:asterisk and src:ring
CVE-2022-24753 (Stripe CLI is a command-line tool for the Stripe eCommerce
platform. A ...)
NOT-FOR-US: Stripe CLI
CVE-2022-24752 (SyliusGridBundle is a package of generic data grids for
Symfony applic ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/385c80e0a3652c87af18eb14eadc35cfeb97b694
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/385c80e0a3652c87af18eb14eadc35cfeb97b694
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
