Secure testing commits - Mar 2008 - r8379 - data/CVE

Author: joeyh
Date: 2008-03-20 21:14:17 +0000 (Thu, 20 Mar 2008)
New Revision: 8379

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================---
data/CVE/list	2008-03-20 17:15:10 UTC (rev 8378)
+++ data/CVE/list	2008-03-20 21:14:17 UTC (rev 8379)
@@ -4,9 +4,9 @@
 	RESERVED
 CVE-2008-1390 [AST-2008-005: HTTP Manager ID is predictable]
 	RESERVED
-        - asterisk <unfixed> (low)
-        [etch] - asterisk <not-affected> (Only 1.4.x affected)
-        [sarge] - asterisk <not-affected> (Only 1.4.x affected)
+	- asterisk <unfixed> (low)
+	[etch] - asterisk <not-affected> (Only 1.4.x affected)
+	[sarge] - asterisk <not-affected> (Only 1.4.x affected)
 CVE-2008-1389
 	RESERVED
 CVE-2008-1388
@@ -123,11 +123,13 @@
 	NOT-FOR-US: BT Home Hub router
 CVE-2008-1333 [AST-2008-004: Format String Vulnerability in Logger and Manager]
 	RESERVED
+	{DSA-1525-1}
 	- asterisk 1:1.4.18.1~dfsg-1 (medium)
-        NOTE: Etch''s release is unimportant, since not exploitable,
but was fixed anyway
-        [sarge] - asterisk <not-affected> (Only 1.6.x affected)
+	NOTE: Etch''s release is unimportant, since not exploitable, but was
fixed anyway
+	[sarge] - asterisk <not-affected> (Only 1.6.x affected)
 CVE-2008-1332 [AST-2008-003: Unauthenticated calls allowed from SIP channel
driver]
 	RESERVED
+	{DSA-1525-1}
 	- asterisk 1:1.4.18.1~dfsg-1 (medium)
 CVE-2008-1331
 	RESERVED
@@ -210,8 +212,8 @@
 CVE-2008-1289 [AST-2008-002: Two buffer overflows in RTP Codec Payload
Handling]
 	RESERVED
 	- asterisk 1:1.4.18.1~dfsg-1 (medium)
-        [etch] - asterisk <not-affected> (Only 1.4.x and above affected)
-        [sarge] - asterisk <not-affected> (Only 1.4.x and above affected)
+	[etch] - asterisk <not-affected> (Only 1.4.x and above affected)
+	[sarge] - asterisk <not-affected> (Only 1.4.x and above affected)
 CVE-2007-6710
 	RESERVED
 CVE-2007-6709 (The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03
and ...)
@@ -3731,6 +3733,7 @@
 CVE-2007-6431 (Unspecified vulnerability in Adobe Flash Media Server 2 before
2.0.5, ...)
 	NOT-FOR-US: Adobe Flash Media Server
 CVE-2007-6430 (Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before
1.4.16, and ...)
+	{DSA-1525-1}
 	- asterisk 1:1.4.16.2~dfsg-1 (low; bug #457063)
 	[etch] - asterisk <no-dsa> (Minor issue, eventually fix in a later DSA)
 	[sarge] - asterisk <not-affected> (Vulnerable code not present)