Ubuntu CVE Tracker

Merge lp:~ari-tczew/ubuntu-cve-tracker/merge into lp:~ubuntu-security/ubuntu-cve-tracker/master

  1. merge
  2. Merge into master
Proposed by Artur Rona
Status: Merged
Merge reported by: Marc Deslauriers
Merged at revision: not available
Proposed branch: lp:~ari-tczew/ubuntu-cve-tracker/merge
Merge into: lp:~ubuntu-security/ubuntu-cve-tracker/master
Diff against target: 134 lines (+22/-16)
7 files modified
active/CVE-2012-5976 (+6/-4)
active/CVE-2012-5977 (+6/-4)
active/CVE-2013-2264 (+2/-2)
active/CVE-2013-2686 (+3/-2)
active/CVE-2013-7100 (+3/-2)
active/CVE-2014-2286 (+1/-1)
active/CVE-2014-2287 (+1/-1)
To merge this branch: bzr merge lp:~ari-tczew/ubuntu-cve-tracker/merge
Reviewer Review Type Date Requested Status
Marc Deslauriers Approve
Review via email: mp+219114@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

Looks good, merged. Thanks!

review: Approve
lp:~ari-tczew/ubuntu-cve-tracker/merge updated
8046. By Marc Deslauriers

added extra commit to qemu CVE

8047. By Marc Deslauriers

Artur Rona 2014-05-11 Triaged some CVEs for asterisk.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'active/CVE-2012-5976'
--- active/CVE-2012-5976 2014-04-18 13:00:59 +0000
+++ active/CVE-2012-5976 2014-05-11 09:00:16 +0000
@@ -2,7 +2,7 @@
2PublicDate: 2013-01-042PublicDate: 2013-01-04
3References:3References:
4 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-59764 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5976
5 http://downloads.digium.com/pub/security/AST-2012-014.pdf5 http://downloads.asterisk.org/pub/security/AST-2012-014
6Description:6Description:
7 Multiple stack consumption vulnerabilities in Asterisk Open Source 1.8.x7 Multiple stack consumption vulnerabilities in Asterisk Open Source 1.8.x
8 before 1.8.19.1, 10.x before 10.11.1, and 11.x before 11.1.2; Certified8 before 1.8.19.1, 10.x before 10.11.1, and 11.x before 11.1.2; Certified
@@ -20,7 +20,9 @@
2020
21Patches_asterisk:21Patches_asterisk:
22 vendor: http://www.debian.org/security/2013/dsa-260522 vendor: http://www.debian.org/security/2013/dsa-2605
23upstream_asterisk: needs-triage23 upstream: (1.8) http://downloads.asterisk.org/pub/security/AST-2012-014-1.8.diff
24 upstream: (11) http://downloads.asterisk.org/pub/security/AST-2012-014-11.diff
25upstream_asterisk: released (1.8.19.1, 11.1.2)
24hardy_asterisk: ignored (reached end-of-life)26hardy_asterisk: ignored (reached end-of-life)
25lucid_asterisk: ignored (reached end-of-life)27lucid_asterisk: ignored (reached end-of-life)
26oneiric_asterisk: ignored (reached end-of-life)28oneiric_asterisk: ignored (reached end-of-life)
@@ -28,5 +30,5 @@
28quantal_asterisk: needed30quantal_asterisk: needed
29raring_asterisk: ignored (reached end-of-life)31raring_asterisk: ignored (reached end-of-life)
30saucy_asterisk: needed32saucy_asterisk: needed
31trusty_asterisk: needed33trusty_asterisk: not-affected
32devel_asterisk: needed34devel_asterisk: not-affected
3335
=== modified file 'active/CVE-2012-5977'
--- active/CVE-2012-5977 2014-04-18 13:00:59 +0000
+++ active/CVE-2012-5977 2014-05-11 09:00:16 +0000
@@ -2,7 +2,7 @@
2PublicDate: 2013-01-042PublicDate: 2013-01-04
3References:3References:
4 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-59774 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5977
5 http://downloads.asterisk.org/pub/security/AST-2012-015.pdf5 http://downloads.asterisk.org/pub/security/AST-2012-015
6Description:6Description:
7 Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 11.x7 Asterisk Open Source 1.8.x before 1.8.19.1, 10.x before 10.11.1, and 11.x
8 before 11.1.2; Certified Asterisk 1.8.11 before 1.8.11-cert10; and Asterisk8 before 11.1.2; Certified Asterisk 1.8.11 before 1.8.11-cert10; and Asterisk
@@ -20,7 +20,9 @@
2020
21Patches_asterisk:21Patches_asterisk:
22 vendor: http://www.debian.org/security/2013/dsa-260522 vendor: http://www.debian.org/security/2013/dsa-2605
23upstream_asterisk: needs-triage23 upstream: (1.8) http://downloads.asterisk.org/pub/security/AST-2012-015-1.8.diff
24 upstream: (11) http://downloads.asterisk.org/pub/security/AST-2012-015-11.diff
25upstream_asterisk: released (1.8.19.1, 11.1.2)
24hardy_asterisk: ignored (reached end-of-life)26hardy_asterisk: ignored (reached end-of-life)
25lucid_asterisk: ignored (reached end-of-life)27lucid_asterisk: ignored (reached end-of-life)
26oneiric_asterisk: ignored (reached end-of-life)28oneiric_asterisk: ignored (reached end-of-life)
@@ -28,5 +30,5 @@
28quantal_asterisk: needed30quantal_asterisk: needed
29raring_asterisk: ignored (reached end-of-life)31raring_asterisk: ignored (reached end-of-life)
30saucy_asterisk: needed32saucy_asterisk: needed
31trusty_asterisk: needed33trusty_asterisk: not-affected
32devel_asterisk: needed34devel_asterisk: not-affected
3335
=== modified file 'active/CVE-2013-2264'
--- active/CVE-2013-2264 2014-04-18 13:00:59 +0000
+++ active/CVE-2013-2264 2014-05-11 09:00:16 +0000
@@ -34,5 +34,5 @@
34quantal_asterisk: needed34quantal_asterisk: needed
35raring_asterisk: ignored (reached end-of-life)35raring_asterisk: ignored (reached end-of-life)
36saucy_asterisk: needed36saucy_asterisk: needed
37trusty_asterisk: needed37trusty_asterisk: not-affected
38devel_asterisk: needed38devel_asterisk: not-affected
3939
=== modified file 'active/CVE-2013-2686'
--- active/CVE-2013-2686 2014-04-18 13:00:59 +0000
+++ active/CVE-2013-2686 2014-05-11 09:00:16 +0000
@@ -23,6 +23,7 @@
23Assigned-to:23Assigned-to:
2424
25Patches_asterisk:25Patches_asterisk:
26 upstream: http://downloads.asterisk.org/pub/security/AST-2013-002-1.8.diff
26upstream_asterisk: released (1.8.19.1, 1.8.20.0, 1.8.20.1)27upstream_asterisk: released (1.8.19.1, 1.8.20.0, 1.8.20.1)
27hardy_asterisk: ignored (reached end-of-life)28hardy_asterisk: ignored (reached end-of-life)
28lucid_asterisk: ignored (reached end-of-life)29lucid_asterisk: ignored (reached end-of-life)
@@ -31,5 +32,5 @@
31quantal_asterisk: needed32quantal_asterisk: needed
32raring_asterisk: ignored (reached end-of-life)33raring_asterisk: ignored (reached end-of-life)
33saucy_asterisk: needed34saucy_asterisk: needed
34trusty_asterisk: needed35trusty_asterisk: not-affected
35devel_asterisk: needed36devel_asterisk: not-affected
3637
=== modified file 'active/CVE-2013-7100'
--- active/CVE-2013-7100 2014-04-18 13:00:59 +0000
+++ active/CVE-2013-7100 2014-05-11 09:00:16 +0000
@@ -20,11 +20,12 @@
20Assigned-to:20Assigned-to:
2121
22Patches_asterisk:22Patches_asterisk:
23 upstream: http://downloads.asterisk.org/pub/security/AST-2013-006-1.8.diff
23upstream_asterisk: released (1:11.7.0~dfsg-1)24upstream_asterisk: released (1:11.7.0~dfsg-1)
24lucid_asterisk: ignored (reached end-of-life)25lucid_asterisk: ignored (reached end-of-life)
25precise_asterisk: needed26precise_asterisk: needed
26quantal_asterisk: needed27quantal_asterisk: needed
27raring_asterisk: ignored (reached end-of-life)28raring_asterisk: ignored (reached end-of-life)
28saucy_asterisk: needed29saucy_asterisk: needed
29trusty_asterisk: needed30trusty_asterisk: not-affected (1:11.7.0~dfsg-1ubuntu1)
30devel_asterisk: needed31devel_asterisk: not-affected
3132
=== modified file 'active/CVE-2014-2286'
--- active/CVE-2014-2286 2014-04-22 02:28:18 +0000
+++ active/CVE-2014-2286 2014-05-11 09:00:16 +0000
@@ -31,4 +31,4 @@
31quantal_asterisk: needed31quantal_asterisk: needed
32saucy_asterisk: needed32saucy_asterisk: needed
33trusty_asterisk: needed33trusty_asterisk: needed
34devel_asterisk: needed34devel_asterisk: not-affected (1:11.8.1~dfsg-1ubuntu1)
3535
=== modified file 'active/CVE-2014-2287'
--- active/CVE-2014-2287 2014-04-22 02:28:18 +0000
+++ active/CVE-2014-2287 2014-05-11 09:00:16 +0000
@@ -33,4 +33,4 @@
33quantal_asterisk: needed33quantal_asterisk: needed
34saucy_asterisk: needed34saucy_asterisk: needed
35trusty_asterisk: needed35trusty_asterisk: needed
36devel_asterisk: needed36devel_asterisk: not-affected (1:11.8.1~dfsg-1ubuntu1)