Author: nion
Date: 2007-12-11 08:42:47 +0000 (Tue, 11 Dec 2007)
New Revision: 7583
Modified:
data/CVE/list
Log:
CVE-2007-6171, CVE-2007-6170 fixed in asterisk 1:1.4.15~dfsg-1
Modified: data/CVE/list
==================================================================---
data/CVE/list 2007-12-11 08:37:47 UTC (rev 7582)
+++ data/CVE/list 2007-12-11 08:42:47 UTC (rev 7583)
@@ -328,12 +328,12 @@
CVE-2007-6183 (Format string vulnerability in the mdiag_initialize function in
...)
- ruby-gnome2 0.16.0-10 (medium; bug #453689)
CVE-2007-6171 (SQL injection vulnerability in the Postgres Realtime Engine ...)
- - asterisk <unfixed> (medium)
+ - asterisk 1:1.4.15~dfsg-1 (medium)
[sarge] - asterisk <not-affected> (Vulnerable code not present)
[etch] - asterisk <not-affected> (Vulnerable code not present)
CVE-2007-6170 (SQL injection vulnerability in the Call Detail Record Postgres
logging ...)
{DSA-1417-1}
- - asterisk <unfixed> (medium)
+ - asterisk 1:1.4.15~dfsg-1 (medium)
CVE-2007-6150 (The "internal state tracking" code for the
random and urandom devices ...)
- kfreebsd-5 <unfixed> (medium; bug #453944)
[etch] - kfreebsd-5 <no-dsa> (kfreebsd not supported)