[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Update information for CVE-2017-17850/asterisk

Thu, 28 Dec 2017 01:02:16 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
84ff91a0 by Salvatore Bonaccorso at 2017-12-27T22:20:49+00:00
Update information for CVE-2017-17850/asterisk

Maintainer confirmed question about introducing versions. Confirmed to
be post 13.15.0 and post 13.18.0 partially, resulting in
1:13.17.0~dfsg-1 beeing the first version in Debian including the
vulnerability.

Thanks: Bernhard Schmidt and Tzafrir

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58977 
e39458fd-73e7-0310-bf30-c45bca0a0e42

- - - - -
107c22e9 by Salvatore Bonaccorso at 2017-12-27T23:13:38+00:00
CVE-2017-17850/asterisk fixed in unstable

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58978 
e39458fd-73e7-0310-bf30-c45bca0a0e42

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -248,7 +248,10 @@ CVE-2017-17858
 CVE-2017-17851
        RESERVED
 CVE-2017-17850 (An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 
and ...)
-       - asterisk <unfixed> (bug #885072)
+       - asterisk 1:13.18.5~dfsg-1 (bug #885072)
+       [stretch] - asterisk <not-affected> (Vulnerable code introduced after 
13.15.0)
+       [jessie] - asterisk <not-affected> (Vulnerable code introduced after 
13.15.0)
+       [wheezy] - asterisk <not-affected> (Vulnerable code introduced after 
13.15.0)
        NOTE: http://downloads.asterisk.org/pub/security/AST-2017-014.html
        NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27480
 CVE-2017-17849 (A buffer overflow vulnerability in GetGo Download Manager 
5.3.0.2712 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/b55af15f3ef78d574aa2f8f3f4477f92fc986414...107c22e993fd2d68c6991c74aeed8ab4570f4702

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/b55af15f3ef78d574aa2f8f3f4477f92fc986414...107c22e993fd2d68c6991c74aeed8ab4570f4702
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to