Author: fw Date: 2007-03-22 09:38:18 +0000 (Thu, 22 Mar 2007) New Revision: 5573 Modified: data/CVE/list Log: Asterisk 3rd party advisory linked Other Asterisk issue, unclear if it affects 1.2 (sarge is okay) Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-03-21 23:07:55 UTC (rev 5572) +++ data/CVE/list 2007-03-22 09:38:18 UTC (rev 5573) @@ -1,5 +1,10 @@ CVE-2007-XXXX [Single-packet SIP INVITE DoS in asterisk] - asterisk <unfixed> (bug #415466; medium) + NOTE: http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html +CVE-2007-XXXX [Asterisk segfault on SIP response code 0] + - asterisk <unfixed> + [sarge] - asterisk <not-affected> (correctly logs a warning) + NOTE: http://bugs.digium.com/view.php?id=9313 CVE-2007-1516 (PHP remote file inclusion vulnerability in functions/update.php in ...) NOT-FOR-US: CcMail CVE-2007-1515 (Multiple cross-site scripting (XSS) vulnerabilities in Horde IMP H3 ...)