Retire many issues now released (or N/A or ignored) in all branches

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5001 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 18 insertions, 0 deletions

diff --git a/retired/CVE-2015-8964 b/retired/CVE-2015-8964
new file mode 100644
index 00000000..97e0f859
--- /dev/null
+++ b/retired/CVE-2015-8964
@@ -0,0 +1,18 @@
+Description: Potential information leak or use-after-free in tty subsystem
+References:
+ https://source.android.com/security/bulletin/2016-11-01.html
+Notes:
+ bwh> A known use-after-free bug in N_X25 has already been fixed
+ bwh> (commit ee9159ddce14, no CVE assigned).  The Android security
+ bwh> bulletin says this fixes an information leak, presumably because
+ bwh> if receive_room is too large it will permit reading beyond a
+ bwh> buffer.  We also need commit fd98e9419d8d ("isdn/gigaset: reset
+ bwh> tty->receive_room when attaching ser_gigaset") to avoid a
+ bwh> regression.
+Bugs:
+upstream: released (4.5-rc1) [dd42bf1197144ede075a9d4793123f7689e164bc]
+3.16-upstream-stable: released (3.16.40) [tty-prevent-ldisc-drivers-from-re-using-stale-tty-fields.patch]
+3.2-upstream-stable: released (3.2.85) [tty-prevent-ldisc-drivers-from-re-using-stale-tty-fields.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.39-1) [bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch]
+3.2-wheezy-security: released (3.2.84-1) [bugfix/all/tty-prevent-ldisc-drivers-from-re-using-stale-tty-fi.patch]