On Mon, Apr 02, 2012 at 10:50:07PM +0100, Jonathan Wiltshire wrote:
> On Mon, Apr 02, 2012 at 01:38:40PM -0500, John Goerzen wrote:
> > Package: asterisk
> > Version: 1:1.6.2.9-2+squeeze4
> > Severity: grave
> > Tags: security squeeze
> > Justification: user security hole
> >
> > Per:
> >
> > htt
That is fine with me, Jonathan. I think you're right that the tracker
is wrong, but also we aren't shipping vulnerabilities by default.
-- John
On 04/02/2012 04:50 PM, Jonathan Wiltshire wrote:
On Mon, Apr 02, 2012 at 01:38:40PM -0500, John Goerzen wrote:
Package: asterisk
Version: 1:1.6.2.9
On Mon, Apr 02, 2012 at 01:38:40PM -0500, John Goerzen wrote:
> Package: asterisk
> Version: 1:1.6.2.9-2+squeeze4
> Severity: grave
> Tags: security squeeze
> Justification: user security hole
>
> Per:
>
> http://downloads.asterisk.org/pub/security/AST-2012-002.txt
>
> the asterisk in squeeze is
Package: asterisk
Version: 1:1.6.2.9-2+squeeze4
Severity: grave
Tags: security squeeze
Justification: user security hole
Per:
http://downloads.asterisk.org/pub/security/AST-2012-002.txt
the asterisk in squeeze is vulnerable to a buffer overflow.
The package in testing may also be vulnerable to:
4 matches
Mail list logo
