diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-27 22:20:49 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-12-27 22:20:49 +0000 |
commit | 84ff91a0304bb0937d4da7fec626f136b2d23902 (patch) | |
tree | 66b02c43f442bb4d2b8e3c042f5d6bc3b31707a1 /data | |
parent | b55af15f3ef78d574aa2f8f3f4477f92fc986414 (diff) |
Update information for CVE-2017-17850/asterisk
Maintainer confirmed question about introducing versions. Confirmed to
be post 13.15.0 and post 13.18.0 partially, resulting in
1:13.17.0~dfsg-1 beeing the first version in Debian including the
vulnerability.
Thanks: Bernhard Schmidt and Tzafrir
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58977 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index eab9bb2fb8..4b4444557d 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -249,6 +249,9 @@ CVE-2017-17851 RESERVED CVE-2017-17850 (An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and ...) - asterisk <unfixed> (bug #885072) + [stretch] - asterisk <not-affected> (Vulnerable code introduced after 13.15.0) + [jessie] - asterisk <not-affected> (Vulnerable code introduced after 13.15.0) + [wheezy] - asterisk <not-affected> (Vulnerable code introduced after 13.15.0) NOTE: http://downloads.asterisk.org/pub/security/AST-2017-014.html NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27480 CVE-2017-17849 (A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 ...) |