Fill in status of most issues for 4.19-upstream-stable

author: Ben Hutchings <ben@decadent.org.uk> 2019-01-07 23:12:54 +0000
committer: Ben Hutchings <ben@decadent.org.uk> 2019-01-07 23:12:54 +0000
commit: 8a4c57534df082728ca98dd1d3d68321325c5d9a (patch)
tree: 9d65c1b0aa337d0d5e4c6103744c77a405e30ae9
parent: c29a69600ca41ee282e4b46336e0e1b1d569bfaa (diff)
63 files changed, 64 insertions, 1 deletions
diff --git a/active/CVE-2013-7445 b/active/CVE-2013-7445
index 178c206d..18be12a2 100644
--- a/active/CVE-2013-7445
+++ b/active/CVE-2013-7445
@@ -4,6 +4,7 @@ Notes:
 Bugs:
  https://bugzilla.kernel.org/show_bug.cgi?id=60533
 upstream: needed
+4.19-upstream-stable: needed
 4.9-upstream-stable: needed
 3.16-upstream-stable: ignored "Fix is likely to be too big and risky to backport"
 3.2-upstream-stable: ignored "Fix is likely to be too big and risky to backport"
diff --git a/active/CVE-2015-8553 b/active/CVE-2015-8553
index 38d109c3..bdee9ada 100644
--- a/active/CVE-2015-8553
+++ b/active/CVE-2015-8553
@@ -13,6 +13,7 @@ Notes:
  jmm> point
 Bugs:
 upstream: needed
+4.19-upstream-stable: needed
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 3.2-upstream-stable: ignored "EOL"
diff --git a/active/CVE-2015-8839 b/active/CVE-2015-8839
index dee5a4fe..814c1a3b 100644
--- a/active/CVE-2015-8839
+++ b/active/CVE-2015-8839
@@ -3,6 +3,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.5-rc1) [ea3d7209ca01da209cda6f0dea8be9cc4b7a933b, 17048e8a083fec7ad841d88ef0812707fbc7e39f, 32ebffd3bbb4162da5ff88f9a35dd32d0a28ea70, 011278485ecc3cd2a3954b5d4c73101d919bf1fa]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: N/A "Fixed before branch point"
 3.16-upstream-stable: needed
 3.2-upstream-stable: ignored "Too much work to backport"
diff --git a/active/CVE-2016-10723 b/active/CVE-2016-10723
index 94a51cb4..12dbf1e4 100644
--- a/active/CVE-2016-10723
+++ b/active/CVE-2016-10723
@@ -14,6 +14,7 @@ Notes:
  bwh> I assume 4.9 is also affected.
 Bugs:
 upstream: needed
+4.19-upstream-stable: needed
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 sid: needed
diff --git a/active/CVE-2016-8660 b/active/CVE-2016-8660
index 6da01332..9ef16dcd 100644
--- a/active/CVE-2016-8660
+++ b/active/CVE-2016-8660
@@ -7,6 +7,7 @@ Notes:
  https://bugzilla.novell.com/show_bug.cgi?id=1004532#c10
 Bugs:
 upstream: needed
+4.19-upstream-stable: needed
 4.9-upstream-stable: needed
 3.16-upstream-stable: N/A "Vulnerable code introduced in (4.4-rc1) [fc0561cefc04e7803c0f6501ca4f310a502f65b8]"
 3.2-upstream-stable: N/A "Vulnerable code introduced in (4.4-rc1) [fc0561cefc04e7803c0f6501ca4f310a502f65b8]"
diff --git a/active/CVE-2017-0630 b/active/CVE-2017-0630
index 05283846..cfcda400 100644
--- a/active/CVE-2017-0630
+++ b/active/CVE-2017-0630
@@ -6,6 +6,7 @@ Notes:
  carnil> https://lore.kernel.org/lkml/20180725210717.3b807191@vmware.local.home/
 Bugs:
 upstream: needed
+4.19-upstream-stable: needed
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 sid: needed
diff --git a/active/CVE-2017-10662 b/active/CVE-2017-10662
index df77fd46..0bc232a9 100644
--- a/active/CVE-2017-10662
+++ b/active/CVE-2017-10662
@@ -6,6 +6,7 @@ Notes:
  bwh> and major in-memory structure".
 Bugs:
 upstream: released (4.12-rc1) [b9dd46188edc2f0d1f37328637860bb65a771124]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.28) [93862955cbf485215f0677229292d0f358af55fc]
 3.16-upstream-stable: needed
 3.2-upstream-stable: N/A "Vulnerable code not present"
diff --git a/active/CVE-2017-10663 b/active/CVE-2017-10663
index 04a47049..53ad9a20 100644
--- a/active/CVE-2017-10663
+++ b/active/CVE-2017-10663
@@ -7,6 +7,7 @@ Notes:
  bwh> operations".
 Bugs:
 upstream: released (4.13-rc1) [15d3042a937c13f5d9244241c7a9c8416ff6e82a]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.42) [0f442c5b2e4ac0b65027ed3374462f1c38675f7e]
 3.16-upstream-stable: needed
 3.2-upstream-stable: N/A "Vulnerable code not present"
diff --git a/active/CVE-2017-13168 b/active/CVE-2017-13168
index 112e6eb6..f273946c 100644
--- a/active/CVE-2017-13168
+++ b/active/CVE-2017-13168
@@ -4,6 +4,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.18-rc4) [26b5b874aff5659a7e26e5b1997e3df2c41fa7fd]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.112) [b6db8af7e34edfa1bf1d7b0797da15c3811a2a98]
 3.16-upstream-stable: released (3.16.61) [3f084a4d285d695b2008533f1b28a5538748e174]
 sid: released (4.17.6-1)
diff --git a/active/CVE-2017-13305 b/active/CVE-2017-13305
index 07e53e5e..16734297 100644
--- a/active/CVE-2017-13305
+++ b/active/CVE-2017-13305
@@ -6,6 +6,7 @@ Notes:
  carnil> Possibly only affecting 3.18+ but needs check.
 Bugs:
 upstream: released (4.12-rc5) [794b4bc292f5d31739d89c0202c54e7dc9bc3add]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.81) [9692602ab850eec484d8cc5a740803d34f00016c]
 3.16-upstream-stable: released (3.16.62) [bfe535bf4ab73e41922c7a58d6a858a2c435ff29]
 sid: released (4.12.6-1)
diff --git a/active/CVE-2017-18232 b/active/CVE-2017-18232
index 9fe8f432..e12e0152 100644
--- a/active/CVE-2017-18232
+++ b/active/CVE-2017-18232
@@ -5,6 +5,7 @@ Notes:
  bwh> (Linux 3.4).  For stretch, this requires an ABI bump.
 Bugs:
 upstream: released (4.16-rc1) [0558f33c06bb910e2879e355192227a8e8f0219d]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 3.2-upstream-stable: N/A "Vulnerability introduced later"
diff --git a/active/CVE-2017-18249 b/active/CVE-2017-18249
index aff2ac7c..85b1faea 100644
--- a/active/CVE-2017-18249
+++ b/active/CVE-2017-18249
@@ -3,6 +3,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.12-rc1) [30a61ddf8117c26ac5b295e1233eaa9629a94ca3]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [cb9b1d4ec206702a4df1cb42ba8142f39acfdd91]
 3.16-upstream-stable: needed
 3.2-upstream-stable: N/A "Vulnerable code not present"
diff --git a/active/CVE-2017-9725 b/active/CVE-2017-9725
index f7f449ca..e8af2097 100644
--- a/active/CVE-2017-9725
+++ b/active/CVE-2017-9725
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.3-rc7) [67a2e213e7e937c41c52ab5bc46bf3f4de469f6e]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: N/A "Fixed before branching point"
 3.16-upstream-stable:
 sid: released (4.3.1-1)
diff --git a/active/CVE-2018-1000026 b/active/CVE-2018-1000026
index d13546f7..450130d6 100644
--- a/active/CVE-2018-1000026
+++ b/active/CVE-2018-1000026
@@ -13,6 +13,7 @@ Notes:
  bwh> certainly affected.
 Bugs:
 upstream: needed
+4.19-upstream-stable: needed
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 3.2-upstream-stable: ignored "EOL"
diff --git a/active/CVE-2018-10322 b/active/CVE-2018-10322
index abf5658b..0f1c7a4a 100644
--- a/active/CVE-2018-10322
+++ b/active/CVE-2018-10322
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.17-rc4) [b42db0860e13067fcc7cbfba3966c9e652668bbc]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 3.2-upstream-stable: ignored "dinode verifier not implemented"
diff --git a/active/CVE-2018-10323 b/active/CVE-2018-10323
index 909fedb6..4588833f 100644
--- a/active/CVE-2018-10323
+++ b/active/CVE-2018-10323
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.17-rc4) [2c4306f719b083d17df2963bc761777576b8ad1b]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: needed
 3.16-upstream-stable: released (3.16.58) [00fe22e3f801fd5225aeecc6bf79630ec201f8e4]
 3.2-upstream-stable: ignored "Too much work to backport"
diff --git a/active/CVE-2018-1108 b/active/CVE-2018-1108
index a84768da..b5dbe342 100644
--- a/active/CVE-2018-1108
+++ b/active/CVE-2018-1108
@@ -10,6 +10,7 @@ Notes:
  carnil> 4.9.88-1+deb9u1 reverts the fix due to various reported regressions.
 Bugs:
 upstream: released (4.17-rc2) [43838a23a05fbd13e47d750d3dfd77001536dd33]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.96) [4dfb3442bb7e1fb80515df4a199ca5a7a8edf900]
 3.16-upstream-stable: N/A "Vulnerable code not present"
 3.2-upstream-stable: N/A "Vulnerable code not present"
diff --git a/active/CVE-2018-1120 b/active/CVE-2018-1120
index 663f4853..90e71788 100644
--- a/active/CVE-2018-1120
+++ b/active/CVE-2018-1120
@@ -9,6 +9,7 @@ Notes:
  carnil> access_remote_vm() write parameter is replaced with gup_flags.
 Bugs:
 upstream: released (4.17-rc6) [7f7ccc2ccc2e70c6054685f5e3522efa81556830]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.101) [6f1abf8628b750905606996fd5ff5ea22d149238]
 3.16-upstream-stable: needed
 3.2-upstream-stable: ignored "EOL"
diff --git a/active/CVE-2018-1128 b/active/CVE-2018-1128
index 5391fdea..0c3cc264 100644
--- a/active/CVE-2018-1128
+++ b/active/CVE-2018-1128
@@ -9,6 +9,7 @@ Notes:
  bwh> seems to depend on message signatures which were added in 3.19.
 Bugs:
 upstream: released (4.19-rc1) [6daca13d2e72bedaaacfc08f873114c9307d5aea]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [06e925920d4de3da2114876bc607447e929604af]
 3.16-upstream-stable: ignored "Protocol change is too difficult"
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-1129 b/active/CVE-2018-1129
index b63dc8b3..9aa12876 100644
--- a/active/CVE-2018-1129
+++ b/active/CVE-2018-1129
@@ -4,6 +4,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19-rc1) [cc255c76c70f7a87d97939621eae04b600d9f4a1]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [18a23fb2632030888fc56a7df73a80f57445718f]
 3.16-upstream-stable: N/A "Message signatures not implemented"
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-12896 b/active/CVE-2018-12896
index 1692e21f..b7cdd2c4 100644
--- a/active/CVE-2018-12896
+++ b/active/CVE-2018-12896
@@ -6,6 +6,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19-rc1) [78c9c4dfbf8c04883941445a195276bb4bb92c76]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.136) [65cb24de03f1c8e00a4fedf416b80a4e8f8a6ef2]
 3.16-upstream-stable: released (3.16.62) [f795b11fdc99a3d4d7d6b9d48c5e44e17c287a27]
 sid: released (4.18.20-1)
diff --git a/active/CVE-2018-12928 b/active/CVE-2018-12928
index 415299c9..fb2db0c3 100644
--- a/active/CVE-2018-12928
+++ b/active/CVE-2018-12928
@@ -10,6 +10,7 @@ Notes:
  bwh> other tools that do similar probing.
 Bugs:
 upstream: needed
+4.19-upstream-stable: needed
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 sid: needed
diff --git a/active/CVE-2018-12929 b/active/CVE-2018-12929
index edcb3ba5..ff7b6a71 100644
--- a/active/CVE-2018-12929
+++ b/active/CVE-2018-12929
@@ -3,6 +3,7 @@ References:
 Notes:
 Bugs:
 upstream: needed
+4.19-upstream-stable: needed
 4.9-upstream-stable:
 3.16-upstream-stable:
 sid: needed
diff --git a/active/CVE-2018-12930 b/active/CVE-2018-12930
index ba473f22..172db692 100644
--- a/active/CVE-2018-12930
+++ b/active/CVE-2018-12930
@@ -3,6 +3,7 @@ References:
 Notes:
 Bugs:
 upstream: needed
+4.19-upstream-stable: needed
 4.9-upstream-stable:
 3.16-upstream-stable:
 sid: needed
diff --git a/active/CVE-2018-12931 b/active/CVE-2018-12931
index 2511fff3..56b407b5 100644
--- a/active/CVE-2018-12931
+++ b/active/CVE-2018-12931
@@ -3,6 +3,7 @@ References:
 Notes:
 Bugs:
 upstream: needed
+4.19-upstream-stable: needed
 4.9-upstream-stable:
 3.16-upstream-stable:
 sid: needed
diff --git a/active/CVE-2018-13053 b/active/CVE-2018-13053
index 01187a94..f6f66219 100644
--- a/active/CVE-2018-13053
+++ b/active/CVE-2018-13053
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19-rc1) [5f936e19cc0ef97dbe3a56e9498922ad5ba1edef]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.131) [747128e772dc2c413763050c52c55edcacf7f60c]
 3.16-upstream-stable: released (3.16.62) [b396dc52e302a0610abfd6467e20fb58352cdb69]
 sid: released (4.18.20-1)
diff --git a/active/CVE-2018-13093 b/active/CVE-2018-13093
index 97ab4532..88e98d33 100644
--- a/active/CVE-2018-13093
+++ b/active/CVE-2018-13093
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.18-rc1) [afca6c5b2595fc44383919fba740c194b0b76aff]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: needed
 3.16-upstream-stable: released (3.16.58) [7744e6b42712dd27e2457e1eb03b1c73920364c2]
 sid: released (4.17.14-1)
diff --git a/active/CVE-2018-13094 b/active/CVE-2018-13094
index 3710d90a..4742d588 100644
--- a/active/CVE-2018-13094
+++ b/active/CVE-2018-13094
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.18-rc1) [bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: needed
 3.16-upstream-stable: released (3.16.58) [991ec538e6683859b065467b8406c7e57526e212]
 sid: released (4.17.14-1)
diff --git a/active/CVE-2018-13095 b/active/CVE-2018-13095
index de0c91b3..e5745345 100644
--- a/active/CVE-2018-13095
+++ b/active/CVE-2018-13095
@@ -8,6 +8,7 @@ Notes:
  bwh> this is more trouble than it's worth to backport.
 Bugs:
 upstream: released (4.18-rc3) [23fcb3340d033d9f081e21e6c12c2db7eaa541d3]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable:
 3.16-upstream-stable: ignored "Too risky to backport"
 sid: released (4.18.6-1)
diff --git a/active/CVE-2018-13096 b/active/CVE-2018-13096
index abb10a55..c8f5c6c2 100644
--- a/active/CVE-2018-13096
+++ b/active/CVE-2018-13096
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19-rc1) [e34438c903b653daca2b2a7de95aed46226f8ed3]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [1c87980591a1dc8c5eafdcc5f9953fca4e518465]
 3.16-upstream-stable:
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-13097 b/active/CVE-2018-13097
index fbca8534..bdf15655 100644
--- a/active/CVE-2018-13097
+++ b/active/CVE-2018-13097
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19-rc1) [9dc956b2c8523aed39d1e6508438be9fea28c8fc]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [06e606acedaf8bb00c83c4cee43acdd264287a92]
 3.16-upstream-stable:
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-13098 b/active/CVE-2018-13098
index 2ded68ea..6d787f3d 100644
--- a/active/CVE-2018-13098
+++ b/active/CVE-2018-13098
@@ -7,6 +7,7 @@ Notes:
  bwh> inode structure scalability"
 Bugs:
 upstream: released (4.19-rc1) [76d56d4ab4f2a9e4f085c7d77172194ddaccf7d2]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: N/A "Vulnerable code not present"
 3.16-upstream-stable: N/A "Vulnerable code not present"
 sid: released (4.18.10-1)
diff --git a/active/CVE-2018-13099 b/active/CVE-2018-13099
index abb70f68..84924ea4 100644
--- a/active/CVE-2018-13099
+++ b/active/CVE-2018-13099
@@ -6,6 +6,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19-rc1) [4dbe38dc386910c668c75ae616b99b823b59f3eb]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.128) [7e0782ceebaaed70b0c4b775c27b81e8f8cf6ddb]
 3.16-upstream-stable:
 sid: released (4.18.10-1)
diff --git a/active/CVE-2018-13100 b/active/CVE-2018-13100
index 693a0e85..7a4bd1e9 100644
--- a/active/CVE-2018-13100
+++ b/active/CVE-2018-13100
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19-rc1) [42bf546c1fe3f3654bdf914e977acbc2b80a5be5]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [a3dccfacd3a574365ab6c5118f8a944a4ba691fa]
 3.16-upstream-stable:
 sid: released (4.18.10-1)
diff --git a/active/CVE-2018-13406 b/active/CVE-2018-13406
index 19ad8531..dccc8aa4 100644
--- a/active/CVE-2018-13406
+++ b/active/CVE-2018-13406
@@ -9,6 +9,7 @@ Notes:
  bwh> either of those types.
 Bugs:
 upstream: released (4.18-rc1) [9f645bcc566a1e9f921bdae7528a01ced5bc3713]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.111) [7673ca3c93414faf90fa2a3c339f1f625415fecb]
 3.16-upstream-stable: released (3.16.58) [video-uvesafb-fix-integer-overflow-in-allocation.patch]
 sid: released (4.17.6-1)
diff --git a/active/CVE-2018-14610 b/active/CVE-2018-14610
index 8f0d9a79..3e0cae9e 100644
--- a/active/CVE-2018-14610
+++ b/active/CVE-2018-14610
@@ -7,6 +7,7 @@ Notes:
  bwh> "btrfs: tree-checker: Verify block_group_item".
 Bugs:
 upstream: released (4.19-rc1) [514c7dca85a0bf40be984dab0b477403a6db901f]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [7a72f918825ddece7a4ed79583836f6f1e06e478]
 3.16-upstream-stable: needed
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-14611 b/active/CVE-2018-14611
index 8632871a..ef3d481d 100644
--- a/active/CVE-2018-14611
+++ b/active/CVE-2018-14611
@@ -7,6 +7,7 @@ Notes:
  bwh> "Btrfs: add validadtion checks for chunk loading".
 Bugs:
 upstream: released (4.19-rc1) [315409b0098fb2651d86553f0436b70502b29bb2]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [3c77b07dc365a7ed2644ca0dd38e6e40a9652d57]
 3.16-upstream-stable: needed
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-14612 b/active/CVE-2018-14612
index a5f8d425..fa9b37bf 100644
--- a/active/CVE-2018-14612
+++ b/active/CVE-2018-14612
@@ -9,6 +9,7 @@ Notes:
  carnil> that applies.
 Bugs:
 upstream: released (4.19-rc1) [ba480dd4db9f1798541eb2d1c423fc95feee8d36, 7ef49515fa6727cb4b6f2f5b0ffbc5fc20a9f8c6]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [6f33d3d8dca8683a4df94e9944296a1a1a2a6f10, 23eb2f435a07e1e09d48ea10c4a22bc96e16fde6]
 3.16-upstream-stable: needed
 sid: released (4.18.8-1)
diff --git a/active/CVE-2018-14613 b/active/CVE-2018-14613
index d12913bf..4700cb6e 100644
--- a/active/CVE-2018-14613
+++ b/active/CVE-2018-14613
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19-rc1) [fce466eab7ac6baa9d2dcd88abcf945be3d4a089]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [058e388e42c8dc5b6ce6248990c75a0459e20197]
 3.16-upstream-stable:
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-14614 b/active/CVE-2018-14614
index 0a05a07a..df5a0468 100644
--- a/active/CVE-2018-14614
+++ b/active/CVE-2018-14614
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19-rc1) [e494c2f995d6181d6e29c4927d68e0f295ecf75b]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [91fe514bedf4c72ae8046fe4cfa98c5e201f6b84]
 3.16-upstream-stable:
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-14615 b/active/CVE-2018-14615
index 71600053..2d23e72e 100644
--- a/active/CVE-2018-14615
+++ b/active/CVE-2018-14615
@@ -7,6 +7,7 @@ Notes:
  bwh> inode structure scalability"
 Bugs:
 upstream: released (4.19-rc1) [18dd6470c2d14d10f5a2dd926925dc80dbd3abfd]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: N/A "Vulnerable code not present"
 3.16-upstream-stable: N/A "Vulnerable code not present"
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-14616 b/active/CVE-2018-14616
index 722e7b28..fb00a489 100644
--- a/active/CVE-2018-14616
+++ b/active/CVE-2018-14616
@@ -4,6 +4,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19-rc1) [91291e9998d208370eb8156c760691b873bd7522]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [b10a6ac262f8c1c0c70a90e992137a5590325f0b]
 3.16-upstream-stable:
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-14625 b/active/CVE-2018-14625
index 88351fa9..6501244d 100644
--- a/active/CVE-2018-14625
+++ b/active/CVE-2018-14625
@@ -4,6 +4,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.20-rc6) [834e772c8db0c6a275d75315d90aba4ebbb1e249]
+4.19-upstream-stable: released (4.19.9) [f9cd25b1e5e575a5f18547bdc04ea40a23ad511a]
 4.9-upstream-stable: released (4.9.145) [569fc4ffb5de8f12fe01759f0b85098b7b9bba8e]
 3.16-upstream-stable: N/A "Vulnerable code not present"
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-16862 b/active/CVE-2018-16862
index 72e6e416..ad1074d8 100644
--- a/active/CVE-2018-16862
+++ b/active/CVE-2018-16862
@@ -6,6 +6,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.20-rc5) [6ff38bd40230af35e446239396e5fc8ebd6a5248]
+4.19-upstream-stable: released (4.19.7) [16a2d602244ff5327cecd210fdd50ad5ad443c9c]
 4.9-upstream-stable: released (4.9.144) [60b3d44f05c148f6f7f5e5b2a8165d328c3f22a0]
 3.16-upstream-stable: released (3.16.62) [56a7ebd4a3adc001b18a8feeb5cdf0b9fb2684fa]
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-16882 b/active/CVE-2018-16882
index 7d45522e..380b9dc0 100644
--- a/active/CVE-2018-16882
+++ b/active/CVE-2018-16882
@@ -7,7 +7,8 @@ Notes:
  carnil> needs to check if issue only introduced post/with 4.14-rc1.
 Bugs:
 upstream: released (4.20) [c2dd5146e9fe1f22c77c1b011adf84eea0245806]
-4.9-upstream-stable: released (4.19.13) [1972ca04708330b0edd52956e644e3974065a613]
+4.19-upstream-stable: released (4.19.13) [1972ca04708330b0edd52956e644e3974065a613]
+4.9-upstream-stable:
 3.16-upstream-stable:
 sid: released (4.19.13-1)
 4.9-stretch-security:
diff --git a/active/CVE-2018-17972 b/active/CVE-2018-17972
index de59a38b..28d70579 100644
--- a/active/CVE-2018-17972
+++ b/active/CVE-2018-17972
@@ -4,6 +4,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19-rc7) [f8a00cef17206ecd1b30d3d9f99e10d9fa707aa7]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.132) [3c5dc3f313cf1cb1645a0e832f51c1ba79aee934]
 3.16-upstream-stable: released (3.16.62) [6e8e3ad9d57f70fc58e2ecbafbfd1b3f37973cfc]
 sid: released (4.18.20-1)
diff --git a/active/CVE-2018-18021 b/active/CVE-2018-18021
index 52d191a6..91d258dc 100644
--- a/active/CVE-2018-18021
+++ b/active/CVE-2018-18021
@@ -4,6 +4,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19-rc7) [d26c25a9d19b5976b319af528886f89cf455692d, 2a3f93459d689d990b3ecfbe782fec89b97d3279]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.131) [bc769c0148cd9820c8db785a2a1298a6489125ae, 53819c17ecbee86089396e6e7ae1f3e6de958db9]
 3.16-upstream-stable: ignored "Too difficult to backport"
 sid: released (4.18.10-2) [bugfix/arm64/arm64-kvm-tighten-guest-core-register-access-from-us.patch, bugfix/arm64/arm64-kvm-sanitize-pstate.m-when-being-set-from-user.patch]
diff --git a/active/CVE-2018-18281 b/active/CVE-2018-18281
index f5691b79..a1cb7653 100644
--- a/active/CVE-2018-18281
+++ b/active/CVE-2018-18281
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19) [eb66ae030829605d61fbef1909ce310e29f78821]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.135) [e34bd9a96704f7089ccad61b6e01ea985fa54dd6]
 3.16-upstream-stable: released (3.16.62) [2567a342d707b1245e837f16cb7555b360e2c580]
 sid: released (4.18.20-1)
diff --git a/active/CVE-2018-18397 b/active/CVE-2018-18397
index af309789..663c75cf 100644
--- a/active/CVE-2018-18397
+++ b/active/CVE-2018-18397
@@ -10,6 +10,7 @@ Notes:
  carnil> in 4.11-rc1.
 Bugs:
 upstream: released (4.20-rc5) [9e368259ad988356c4c95150fafd1a06af095d98, 5b51072e97d587186c2f5390c8c9c1fb7e179505, 29ec90660d68bbdd69507c1c8b4e33aa299278b1, e2a50c1f64145a04959df2442305d57307e5395a, dcf7fe9d89763a28e0f43975b422ff141fe79e43]
+4.19-upstream-stable: released (4.19.8) [10f98c134b02d11923d45ce6688c2479435e8ec9, 6e44dd02c95508f6df5eca4d46adbb75233ea181, 34b7a7cc5321a1b5e13320443557ba1cb11b42e7, 4ce337622f2bbc0df61b0b76aa60388f5def5646, 8f193a716e56f30e36a4c851e59bf6fa74af8d9f]
 4.9-upstream-stable: N/A "Vulnerable code introduced later"
 3.16-upstream-stable: N/A "Vulnerable code introduced later"
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-18690 b/active/CVE-2018-18690
index 927979f2..8bf9ba80 100644
--- a/active/CVE-2018-18690
+++ b/active/CVE-2018-18690
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.17-rc4) [7b38460dc8e4eafba06c78f8e37099d3b34d473c]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [4ec44e98ab08c704d0ff1a35a21a0682a5562a27]
 3.16-upstream-stable: released (3.16.62) [789a4317666e599e487ec1983643de1b519c431e]
 sid: released (4.17.3-1)
diff --git a/active/CVE-2018-18710 b/active/CVE-2018-18710
index db64f0af..eb59cd47 100644
--- a/active/CVE-2018-18710
+++ b/active/CVE-2018-18710
@@ -3,6 +3,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.20-rc1) [e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276]
+4.19-upstream-stable: released (4.19.3) [c8099dbf492b565a4f75ae7b8c08b76ca18c4c3f]
 4.9-upstream-stable: released (4.9.138) [8dd745a8799ee01fc67b64fd33cdb44d04eb7e4c]
 3.16-upstream-stable: released (3.16.62) [4d0f2564603d1ef8cce8a083751442342e9c9474]
 sid: released (4.18.20-1)
diff --git a/active/CVE-2018-19407 b/active/CVE-2018-19407
index c9718c2c..bbcc492e 100644
--- a/active/CVE-2018-19407
+++ b/active/CVE-2018-19407
@@ -8,6 +8,7 @@ Notes:
  bwh> reproducer didn't work for me on either 3.16 or 4.9.
 Bugs:
 upstream: released (4.20-rc5) [e97f852fd4561e77721bb9a4e0ea9d98305b1e93]
+4.19-upstream-stable: released (4.19.7) [61c42d657c859ccc95e53afdac64f73a0053b8ea]
 4.9-upstream-stable: released (4.9.143) [3a468e8e5a6124523e2e94c33866c609cc914876]
 3.16-upstream-stable: N/A "Vulnerable code not present"
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-19824 b/active/CVE-2018-19824
index b1dcd245..9628bf10 100644
--- a/active/CVE-2018-19824
+++ b/active/CVE-2018-19824
@@ -6,6 +6,7 @@ Notes:
  carnil> Commit fixes 362e4e49abe53e89d87455dfcd7c1bbaf08a839d (3.1-rc8)
 Bugs:
 upstream: released (4.20-rc6) [5f8cf712582617d523120df67d392059eaf2fc4b]
+4.19-upstream-stable: released (4.19.9) [a7e719ace75e4451b7958cb73cbc12c627760007]
 4.9-upstream-stable: released (4.9.145) [73000a4cec933fd331224df79df731ea929bb85c]
 3.16-upstream-stable: needed
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-20169 b/active/CVE-2018-20169
index 4af217df..4e1fa470 100644
--- a/active/CVE-2018-20169
+++ b/active/CVE-2018-20169
@@ -3,6 +3,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.20-rc6) [704620afc70cf47abb9d6a1a57f3825d2bca49cf]
+4.19-upstream-stable: released (4.19.9) [1b2e742bf7230ce04cda5b7348f922174bef2d7a]
 4.9-upstream-stable: released (4.9.145) [fe26b8d06e965239795bee0a71c9073bed931716]
 3.16-upstream-stable:
 sid: released (4.19.9-1)
diff --git a/active/CVE-2018-20511 b/active/CVE-2018-20511
index 9fd0ef39..dfa93787 100644
--- a/active/CVE-2018-20511
+++ b/active/CVE-2018-20511
@@ -5,6 +5,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.19-rc5) [9824dfae5741275473a23a7ed5756c7b6efacc9d]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.130) [11f734283a987ac26365aefafdd012a3f37e05a3]
 3.16-upstream-stable:
 sid: released (4.18.20-1)
diff --git a/active/CVE-2018-3646 b/active/CVE-2018-3646
index 1473d01c..363de217 100644
--- a/active/CVE-2018-3646
+++ b/active/CVE-2018-3646
@@ -11,6 +11,7 @@ Notes:
  carnil> Will be adressed in 4.18.1, 4.17.15, 4.14.63, 4.9.120, and 4.4.148.
 Bugs:
 upstream: released (4.19-rc1) [781fca5b104693bc9242199cc47c690dcaf6a4cb..07d981ad4cf1e78361c6db1c28ee5ba105f96cc1]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.120) [329d815667373e858497b5947ad0484194d8c3e2..7f5d090ffe9e7603265e7991aacec64d86cf70ab]
 3.16-upstream-stable: needed
 sid: released (4.17.15-1)
diff --git a/active/CVE-2018-3693 b/active/CVE-2018-3693
index 6476ac62..641cd876 100644
--- a/active/CVE-2018-3693
+++ b/active/CVE-2018-3693
@@ -14,6 +14,7 @@ Notes:
  bwh> be an ongoing process.
 Bugs:
 upstream: needed
+4.19-upstream-stable: needed
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 sid: needed
diff --git a/active/CVE-2018-5391 b/active/CVE-2018-5391
index 4f24be88..35598c6e 100644
--- a/active/CVE-2018-5391
+++ b/active/CVE-2018-5391
@@ -30,6 +30,7 @@ Notes:
  carnil> thus CVE-2018-14641.
 Bugs:
 upstream: released (4.19-rc1) [7969e5c40dfd04799d4341f1b7cd266b6e47f227, 385114dec8a49b5e5945e77ba7de6356106713f4, fa0f527358bd900ef92f925878ed6bfbd51305cc]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.134) [7fca77153c5c2a2c59e70720332bce7088aef8e8, 2ffb1c363dfa89858dded0b291f005faf1b72adc, bbf6d8604475f36279c7b2d9a1f425654bc24588, dae73e7d73fce8d8d5132ec3c94de16280653fc6, 1b363f81f38f28bd69ec90837da0f65161f36325, 620018dd713da51daac7ec4cd0ae54b0f0fa0f75, fb19348bd709e3f948825ed995bdc477a0414772, 23ce9c5ce704b985dad79bce944a348f0c205869, ea7496f018adcfbac5396ead5756dcabb9866749, 49106f36c253a3c4ce7cf297415826af0c4339ea, 965e2adc5850836586e0961c350b94c2092da319, 7f6170683223cb38cabaff21ecbb9a6375ad10f6, 7a87ec92d36a660820d426d8c54794c44077277f, cbc45497b39c4626adaeca2a409588f19ae19e34, 6060bcdcffaba68c3ff158a88faab6df27210ffc, 5b68fda0a455be7f48fdf97407de1aa09d046fdd, 316986fe4dcac011b4f85d9bbef1edf4953c0219, d838486621c38f084b867743a0abd0968c6cb196, 82f36cbc74595f06900f478d4eaf7217a4f06e13, f5d17b55f4be318adf3b642b50bd25e5245ecc17, 871695951ec6f6b0b1a258c9bb5336bfeffab409, a8444b1ccb20339774af58e40ad42296074fb484, 791521e2e377f66ef5ee6e5002dec758234d8d32, b475cf3bf1e8212b0287c6d15249e2c942693ae5, 10043954eadac2d8f8c1886190f7a7ee584ff939, e9e4ac488c017739b2832177550ba2569fffc709, 4077ddb2cb48ca4592d738ea37cd58c5d41754bd, 85e59af99a7f7c9bcd089f2404b405df7ee665ba, 5a0f340f5ad6a6cc6518f212802f95b669e8fe27]
 3.16-upstream-stable: needed
 sid: released (4.17.15-1) [bugfix/all/Revert-net-increase-fragment-memory-usage-limits.patch]
diff --git a/active/CVE-2018-5848 b/active/CVE-2018-5848
index 899ad542..cc3e80f0 100644
--- a/active/CVE-2018-5848
+++ b/active/CVE-2018-5848
@@ -7,6 +7,7 @@ References:
 Notes:
 Bugs:
 upstream: released (4.16-rc1) [b5a8ffcae4103a9d823ea3aa3a761f65779fbe2a]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: released (4.9.144) [35db4d1ed8a344899a87887fa7bf11be5b057bec]
 3.16-upstream-stable: released (3.16.62) [921c1539170bf690cad59b3dbebf7d46843d28e2]
 sid: released (4.16.5-1)
diff --git a/active/CVE-2018-5953 b/active/CVE-2018-5953
index 8f2c943d..4c599f0f 100644
--- a/active/CVE-2018-5953
+++ b/active/CVE-2018-5953
@@ -8,6 +8,7 @@ Notes:
  bwh> be possible.
 Bugs:
 upstream: released (4.15-rc2) [ad67b74d2469d9b82aaa572d76474c95bc484d57]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 sid: released (4.15.4-1)
diff --git a/active/CVE-2018-5995 b/active/CVE-2018-5995
index e5ee9669..633ccce8 100644
--- a/active/CVE-2018-5995
+++ b/active/CVE-2018-5995
@@ -8,6 +8,7 @@ Notes:
  bwh> be possible.
 Bugs:
 upstream: released (4.15-rc2) [ad67b74d2469d9b82aaa572d76474c95bc484d57]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 sid: released (4.15.4-1)
diff --git a/active/CVE-2018-7273 b/active/CVE-2018-7273
index 6739a71f..d1a0f5b7 100644
--- a/active/CVE-2018-7273
+++ b/active/CVE-2018-7273
@@ -6,6 +6,7 @@ Notes:
  bwh> this needs to be specifically addressed upstream.
 Bugs:
 upstream: released (4.15-rc2) [ad67b74d2469d9b82aaa572d76474c95bc484d57]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: needed
 3.16-upstream-stable: needed
 3.2-upstream-stable: ignored "Minor issue"
diff --git a/active/CVE-2018-9517 b/active/CVE-2018-9517
index 745574a6..940633a7 100644
--- a/active/CVE-2018-9517
+++ b/active/CVE-2018-9517
@@ -8,6 +8,7 @@ Notes:
  bwh> sorted out.
 Bugs:
 upstream: released (v4.14-rc1) [f026bc29a8e093edfbb2a77700454b285c97e8ad]
+4.19-upstream-stable: N/A "Fixed before branch point"
 4.9-upstream-stable: needed
 3.16-upstream-stable: released (3.16.51) [0b3ca265e81f5e1d9f7f66ad416cbabecca914cf]
 sid: released (4.14.2-1)
author	Ben Hutchings <ben@decadent.org.uk>	2019-01-07 23:12:54 +0000
committer	Ben Hutchings <ben@decadent.org.uk>	2019-01-07 23:12:54 +0000
commit	8a4c57534df082728ca98dd1d3d68321325c5d9a (patch)
tree	9d65c1b0aa337d0d5e4c6103744c77a405e30ae9
parent	c29a69600ca41ee282e4b46336e0e1b1d569bfaa (diff)