Add note for CVE-2022-21505

author: Salvatore Bonaccorso <carnil@debian.org> 2022-08-05 09:36:44 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-08-05 09:36:44 +0200
commit: 45cf3ca1150c4063420e267efa3c5cc6b430658e (patch)
tree: 72cbd6b3c7c15ba125b953494ab18776766d4f85
parent: da987758a59468f4756ac7a45a975061c102bcb7 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/active/CVE-2022-21505 b/active/CVE-2022-21505
index f4df3d8d..7da41eb1 100644
--- a/active/CVE-2022-21505
+++ b/active/CVE-2022-21505
@@ -5,6 +5,8 @@ Notes:
  carnil> Released as well in 5.18.15 for 5.18.y.
  carnil> Commit fixes 29d3c1c8dfe7 ("kexec: Allow kexec_file() with
  carnil> appropriate IMA policy when locked down") in 5.4-rc1.
+ carnil> CONFIG_IMA was only re-enabled in Debian in 5.13.9-1~exp1
+ carnil> and the issue does not affect bullseye's built binary packages.
 Bugs:
 upstream: released (5.19-rc8) [543ce63b664e2c2f9533d089a4664b559c3e6b5b]
 5.10-upstream-stable: released (5.10.134) [ab5050fd7430dde3a9f073129036d3da3facc8ec]
author	Salvatore Bonaccorso <carnil@debian.org>	2022-08-05 09:36:44 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-08-05 09:36:44 +0200
commit	45cf3ca1150c4063420e267efa3c5cc6b430658e (patch)
tree	72cbd6b3c7c15ba125b953494ab18776766d4f85
parent	da987758a59468f4756ac7a45a975061c102bcb7 (diff)