Retire CVE-2016-0758

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4446 e094ebfe-e918-0410-adfb-c712417f3574
author: Salvatore Bonaccorso <carnil@debian.org> 2016-06-16 04:58:04 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2016-06-16 04:58:04 +0000
commit: 98f977a6a6bab4b412288facea6b95784d304c4d (patch)
tree: 5c01e5b5f1f0e81c84d0e406ec8b4180a8df1b0f /retired/CVE-2016-0758
parent: cbc9b339167086c356e1fc80778da7a7306150b7 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/retired/CVE-2016-0758 b/retired/CVE-2016-0758
new file mode 100644
index 00000000..ac06916c
--- /dev/null
+++ b/retired/CVE-2016-0758
@@ -0,0 +1,12 @@
+Description: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length()
+References:
+ https://lkml.org/lkml/2016/5/12/270
+Notes:
+Bugs:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1300257
+upstream: released (4.6) [23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa]
+3.16-upstream-stable: released (3.16.36) [keys-fix-asn.1-indefinite-length-object-parsing.patch]
+3.2-upstream-stable: N/A "Vulnerable code introduced by 42d5ec27f873c654a68f7f865dcd7737513e9508 (3.10-rc1)
+sid: released (4.5.4-1) [bugfix/all/KEYS-Fix-ASN.1-indefinite-length-object-parsing.patch]
+3.16-jessie-security: N/A "Vulnerable code is not built"
+3.2-wheezy-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2016-06-16 04:58:04 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2016-06-16 04:58:04 +0000
commit	98f977a6a6bab4b412288facea6b95784d304c4d (patch)
tree	5c01e5b5f1f0e81c84d0e406ec8b4180a8df1b0f /retired/CVE-2016-0758
parent	cbc9b339167086c356e1fc80778da7a7306150b7 (diff)