Author: fw Date: 2007-04-18 09:04:27 +0000 (Wed, 18 Apr 2007) New Revision: 5663 Modified: data/CVE/list Log: Merge two asterisk entries Modified: data/CVE/list ==================================================================--- data/CVE/list 2007-04-17 21:57:39 UTC (rev 5662) +++ data/CVE/list 2007-04-18 09:04:27 UTC (rev 5663) @@ -832,8 +832,6 @@ NOT-FOR-US: NFN Address Book CVE-2007-1595 (The Asterisk Extension Language (AEL) in pbx/pbx_ael.c in Asterisk ...) - asterisk <unfixed> (low) -CVE-2007-1594 (The handle_response function in chan_sip.c in Asterisk before 1.2.17 ...) - - asterisk 1.4.2~dfsg-1 (medium) CVE-2007-1593 RESERVED CVE-2007-1592 (net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 ...) @@ -1044,8 +1042,8 @@ CVE-2007-1561 (The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 ...) - asterisk <unfixed> (bug #415466; medium) NOTE: http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html -CVE-2007-XXXX [Asterisk segfault on SIP response code 0] - - asterisk <unfixed> +CVE-2007-1594 (The handle_response function in chan_sip.c in Asterisk before 1.2.17 ...) + - asterisk 1.4.2~dfsg-1 (medium; bug #419820) [sarge] - asterisk <not-affected> (correctly logs a warning) NOTE: http://bugs.digium.com/view.php?id=9313 CVE-2007-1516 (PHP remote file inclusion vulnerability in functions/update.php in ...)