Authentication-Results: name.execsw.org;
	dkim=pass (1024-bit key) header.d=netbsd.org header.i=@netbsd.org header.b=Qy0OVf/Z;
	dkim=pass (1024-bit key) header.d=netbsd.org header.i=@netbsd.org header.b=On8yxhNr
Received: by mail.netbsd.org (Postfix, from userid 605)
	id 7C4D184E71; Mon, 25 Mar 2024 03:09:29 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netbsd.org;
	s=20240131; t=1711336169;
	bh=lztd1mhoAzYdHrzhO5VEET437EYXgRyREPfUmVHlPJo=;
	h=Date:From:Subject:To:Reply-To:List-Id:List-Unsubscribe;
	b=Qy0OVf/ZEvM+4WAuRKAbqR/QtIOSaiI58pembyDh+axB26iAjFifVAligbU+v4ltQ
	 AG3lYhHRlLOwsBomwGKe5fRhm3ZE7k2XfBRKK3+NqzD6f/rUSe5CBQKcoMkUUi//9f
	 ra+wL9rsSoc3CSUjm0cQ7Z4vQpZkZ+mY/dhJ/VCM=
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id 6E3C084D0E
	for <pkgsrc-changes@NetBSD.org>; Mon, 25 Mar 2024 03:09:28 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Authentication-Results: mail.netbsd.org (amavisd-new);
	dkim=pass (1024-bit key) header.d=netbsd.org
Received: from mail.netbsd.org ([127.0.0.1])
	by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025)
	with ESMTP id uSZ1eEUucMgC for <pkgsrc-changes@netbsd.org>;
	Mon, 25 Mar 2024 03:09:28 +0000 (UTC)
Received: from cvs.NetBSD.org (ivanova.netbsd.org [199.233.217.197])
	by mail.netbsd.org (Postfix) with ESMTP id B6C4C84CD8
	for <pkgsrc-changes@NetBSD.org>; Mon, 25 Mar 2024 03:09:27 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netbsd.org;
	s=20240131; t=1711336168;
	bh=lztd1mhoAzYdHrzhO5VEET437EYXgRyREPfUmVHlPJo=;
	h=Date:From:Subject:To:Reply-To;
	b=On8yxhNrJ87yxeA27yHg/d2hB/RpumzGZONz0Meu21T6CASYGwsX1AS4/wXrLkP/5
	 dFpeZ29FzCt83Ri4o3+pTz50d5bxguaoiCkOFLSgx+T3QIn61A8DfJuwt1TVrpzllv
	 JJiKC3YnQKSVaMFk3l0XtQcwSPjGp7GLofvlJAG0=
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id A8728FA2C; Mon, 25 Mar 2024 03:09:27 +0000 (UTC)
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_171133616734470"
MIME-Version: 1.0
Date: Mon, 25 Mar 2024 03:09:27 +0000
From: "John Nemeth" <jnemeth@netbsd.org>
Subject: CVS commit: pkgsrc/doc
To: pkgsrc-changes@NetBSD.org
Reply-To: jnemeth@netbsd.org
X-Mailer: log_accum
Message-Id: <20240325030927.A8728FA2C@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: <pkgsrc-changes.NetBSD.org>
Precedence: bulk
List-Unsubscribe: <mailto:majordomo@NetBSD.org?subject=Unsubscribe%20pkgsrc-changes&body=unsubscribe%20pkgsrc-changes>

This is a multi-part message in MIME format.

--_----------=_171133616734470
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	jnemeth
Date:		Mon Mar 25 03:09:27 UTC 2024

Modified Files:
	pkgsrc/doc: pkg-vulnerabilities

Log Message:
limit scope of CVS-2022-37325 for Asterisk


To generate a diff of this commit:
cvs rdiff -u -r1.153 -r1.154 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_171133616734470
Content-Disposition: inline
Content-Length: 1389
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.153 pkgsrc/doc/pkg-vulnerabilities:1.154
--- pkgsrc/doc/pkg-vulnerabilities:1.153	Sat Mar 23 15:16:59 2024
+++ pkgsrc/doc/pkg-vulnerabilities	Mon Mar 25 03:09:27 2024
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.153 2024/03/23 15:16:59 taca Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.154 2024/03/25 03:09:27 jnemeth Exp $
 #
 #FORMAT 1.0.0
 #
@@ -25050,7 +25050,9 @@ asterisk>=19<19.7.1	local-file-read	http
 asterisk>=16<16.29.1	use-after-free	https://nvd.nist.gov/vuln/detail/CVE-2022-42705
 asterisk>=18.14<18.15.1	use-after-free	https://nvd.nist.gov/vuln/detail/CVE-2022-42705
 asterisk>=19.6<19.7.1	use-after-free	https://nvd.nist.gov/vuln/detail/CVE-2022-42705
-asterisk-[0-9]*	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2022-37325
+asterisk<16.28.0	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2022-37325
+asterisk>=17<18.14.0	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2022-37325
+asterisk>=19<19.6.0	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2022-37325
 salt-[0-9]*	buffer-overflow	https://nvd.nist.gov/vuln/detail/CVE-2021-33226
 xdg-utils-[0-9]*	command-execution	https://nvd.nist.gov/vuln/detail/CVE-2022-4055
 mysql-client>=8<8.0.29	multiple-vulnerabilities	https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL


--_----------=_171133616734470--