Retire issues that are released, ignored or N/A on all branches

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5445 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 23 insertions, 0 deletions

diff --git a/retired/CVE-2015-8952 b/retired/CVE-2015-8952
new file mode 100644
index 00000000..c8c14a4d
--- /dev/null
+++ b/retired/CVE-2015-8952
@@ -0,0 +1,23 @@
+Description:
+References:
+ https://lwn.net/Articles/668718/
+ https://bugzilla.redhat.com/show_bug.cgi?id=1360968
+ https://bugzilla.kernel.org/show_bug.cgi?id=107301
+Notes:
+ bwh> The upstream fix (rewrite of mbcache) is too intrusive to backport.
+ bwh> We will mitigate this with cond_resched() as suggested in comment 1
+ bwh> on the bz.k.o bug report.  I didn't want to add the no_mbcache mount
+ bwh> option as in comment 12 because it's a uAPI extension, but it has
+ bwh> now been added upstream (commit cdb7ee4c6327) so I think it would be
+ bwh> reasonable to add it to supported stable releases.
+ bwh> The problem seems to have been introduced (or exacerbated) by commit
+ bwh> 1f3e55fe02d1 in 3.15, which added a retry loop in mb_cache_entry_alloc().
+Bugs:
+upstream: released (4.6-rc1) [f9a61eb4e2471c56a63cd804c7474128138c38ac, 82939d7999dfc1f1998c4b1c12e2f19edbdff272, be0726d33cb8f411945884664924bed3cb8c70ee]
+4.9-upstream-stable: N/A "Fixed before branch point"
+3.16-upstream-stable: ignored "Too intrusive to backport"
+3.2-upstream-stable: ignored "Too intrusive to backport, and seems to be minor issue"
+sid: released (4.6.1-1)
+4.9-stretch-security: N/A "Fixed before branching point"
+3.16-jessie-security: ignored "Too intrusive to backport, but will be mitigated"
+3.2-wheezy-security: ignored "Too intrusive to backport, and seems to be minor issue"