retire issues which have been submitted to 2.6.32.x LTS and which are fixed in

all other suites, 2.6.32.x releases at much slower pace, no need to wait here git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3442 e094ebfe-e918-0410-adfb-c712417f3574
author: Moritz Muehlenhoff <jmm@debian.org> 2014-07-14 10:16:14 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2014-07-14 10:16:14 +0000
commit: 62a92f5f266664476bac215626961ab647075056 (patch)
tree: 27f05669d005f5a7457e2e1a54710427a0a922d4 /retired/CVE-2014-3144
parent: fc1e12a588f67532c94cb9c2ef71c2f53efb4911 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2014-3144 b/retired/CVE-2014-3144
new file mode 100644
index 00000000..015d0976
--- /dev/null
+++ b/retired/CVE-2014-3144
@@ -0,0 +1,14 @@
+Description: The BPF_S_ANC_NLATTR and BPF_S_ANC_NLATTR_NEST extensions fail to check for a minimal message length
+References:
+ http://www.openwall.com/lists/oss-security/2014/05/09/5
+Notes:
+ Thought to be fixed in 3.14.4-1 by patch
+ bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch,
+ but two hunks are applied in the same place so the bug is only half-fixed.
+Bugs:
+upstream: released (v3.15-rc2) [05ab8f2647e4221cbdb3856dd7d32bd5407316b3]
+2.6.32-upstream-stable: pending (2.6.32.64)
+sid: released (3.14.5-1)
+3.2-wheezy-security: released (3.2.57-3+deb7u2) [bugfix/all/filter-prevent-nla-extensions-to-peek-beyond-the-end.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze8)
+3.2-upstream-stable: released (3.2.60)
author	Moritz Muehlenhoff <jmm@debian.org>	2014-07-14 10:16:14 +0000
committer	Moritz Muehlenhoff <jmm@debian.org>	2014-07-14 10:16:14 +0000
commit	62a92f5f266664476bac215626961ab647075056 (patch)
tree	27f05669d005f5a7457e2e1a54710427a0a922d4 /retired/CVE-2014-3144
parent	fc1e12a588f67532c94cb9c2ef71c2f53efb4911 (diff)