Update information for CVE-2017-17850/asterisk

Maintainer confirmed question about introducing versions. Confirmed to be post 13.15.0 and post 13.18.0 partially, resulting in 1:13.17.0~dfsg-1 beeing the first version in Debian including the vulnerability. Thanks: Bernhard Schmidt and Tzafrir git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@58977 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Salvatore Bonaccorso <carnil@debian.org> 2017-12-27 22:20:49 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-12-27 22:20:49 +0000
commit: 84ff91a0304bb0937d4da7fec626f136b2d23902 (patch)
tree: 66b02c43f442bb4d2b8e3c042f5d6bc3b31707a1 /data
parent: b55af15f3ef78d574aa2f8f3f4477f92fc986414 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list
index eab9bb2fb8..4b4444557d 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -249,6 +249,9 @@ CVE-2017-17851
 	RESERVED
 CVE-2017-17850 (An issue was discovered in Asterisk 13.18.4 and older, 14.7.4 and ...)
 	- asterisk <unfixed> (bug #885072)
+	[stretch] - asterisk <not-affected> (Vulnerable code introduced after 13.15.0)
+	[jessie] - asterisk <not-affected> (Vulnerable code introduced after 13.15.0)
+	[wheezy] - asterisk <not-affected> (Vulnerable code introduced after 13.15.0)
 	NOTE: http://downloads.asterisk.org/pub/security/AST-2017-014.html
 	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-27480
 CVE-2017-17849 (A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2017-12-27 22:20:49 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2017-12-27 22:20:49 +0000
commit	84ff91a0304bb0937d4da7fec626f136b2d23902 (patch)
tree	66b02c43f442bb4d2b8e3c042f5d6bc3b31707a1 /data
parent	b55af15f3ef78d574aa2f8f3f4477f92fc986414 (diff)