Giuseppe Iuculano
2009-Sep-13 14:47 UTC
[Secure-testing-commits] r12797 - in data: CVE NMU
Author: derevko-guest
Date: 2009-09-13 14:47:22 +0000 (Sun, 13 Sep 2009)
New Revision: 12797
Modified:
data/CVE/list
data/NMU/list
Log:
- CVE-2009-2726 and CVE-2009-2651 fixed in asterisk 1:1.6.2.0~dfsg~rc1-1
- CVE-2009-1882 fixed in graphicsmagick 1.3.5-5.1
Modified: data/CVE/list
==================================================================---
data/CVE/list 2009-09-13 11:48:12 UTC (rev 12796)
+++ data/CVE/list 2009-09-13 14:47:22 UTC (rev 12797)
@@ -1570,7 +1570,7 @@
CVE-2009-2727 (Stack-based buffer overflow in the _tt_internal_realpath
function in ...)
NOT-FOR-US: IBM AIX
CVE-2009-2726 (The SIP channel driver in Asterisk Open Source 1.2.x before
1.2.34, ...)
- - asterisk <unfixed> (bug #541441)
+ - asterisk 1:1.6.2.0~dfsg~rc1-1 (bug #541441)
[squeeze] - asterisk <not-affected> (Doesn''t permit SIP packets
to exceed 1500 bytes total)
[lenny] - asterisk <not-affected> (Doesn''t permit SIP packets
to exceed 1500 bytes total)
[etch] - asterisk <not-affected> (Doesn''t permit SIP packets to
exceed 1500 bytes total)
@@ -1982,7 +1982,7 @@
NOTE: fixed in iceweasel 3.0.13 and 3.5.2, which have yet to be uploaded
TODO: check whether other web browsers are affected and file bugs
CVE-2009-2651 (main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows
remote ...)
- - asterisk <unfixed> (low; bug #539473)
+ - asterisk 1:1.6.2.0~dfsg~rc1-1 (low; bug #539473)
[etch] - asterisk <not-affected> (Vulnerable code not present)
[lenny] - asterisk <not-affected> (Vulnerable code not present)
[squeeze] - asterisk <not-affected> (Vulnerable code not present)
@@ -4042,7 +4042,7 @@
CVE-2009-1882 (Integer overflow in the XMakeImage function in magick/xwindow.c
in ...)
{DSA-1858-1}
- imagemagick 7:6.5.1.0-1.1 (medium; bug #530838)
- - graphicsmagick <unfixed> (medium; bug #530946)
+ - graphicsmagick 1.3.5-5.1 (medium; bug #530946)
CVE-2009-1881 (Cross-site scripting (XSS) vulnerability in MT312 IMG-BBS allows
...)
NOT-FOR-US: MT312
CVE-2009-1880 (Cross-site scripting (XSS) vulnerability in MT312 REP-BBS allows
...)
Modified: data/NMU/list
==================================================================---
data/NMU/list 2009-09-13 11:48:12 UTC (rev 12796)
+++ data/NMU/list 2009-09-13 14:47:22 UTC (rev 12797)
@@ -165,3 +165,4 @@
2009-08-16 libxml2 2.7.3.dfsg-2.1
2009-08-27 curl 7.19.5-1.1
2009-09-08 strongswan 4.3.2-1.1
+2009-09-13 graphicsmagick 1.3.5-5.1