path: root/retired/CVE-2016-5696
author Salvatore Bonaccorso <carnil@debian.org> 2016-09-04 17:14:01 +0000
committer Salvatore Bonaccorso <carnil@debian.org> 2016-09-04 17:14:01 +0000
commit 71b94564ea973dd8461334bf9e777bf3af1391b9
tree 4d34f07e671e40713bea9b3f72456fa836b6f79f /retired/CVE-2016-5696
parent accb192b97f8661613eaaba06da3783282a5bef3
Retire some CVEs
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4618 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired/CVE-2016-5696')
-rw-r--r-- retired/CVE-2016-5696 18
1 files changed, 18 insertions, 0 deletions
diff --git a/retired/CVE-2016-5696 b/retired/CVE-2016-5696
new file mode 100644
index 00000000..d091f00c
--- /dev/null
+++ b/retired/CVE-2016-5696
@@ -0,0 +1,18 @@
+Description: challenge ACK counter information disclosure
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1354708
+ https://www.mail-archive.com/netdev@vger.kernel.org/msg118824.html
+Notes:
+ RFC 5961 3.2 has been implemented in v3.6-rc1 with commit
+ 282f23c6ee343126156dd41218b22ece96d747e3 . But it seems to have
+ been backported to older versions as well (including 3.2.x)
+ .
+ Additionally (but not strictly needed for the CVE, AFAICT), the commit
+ 083ae308280d13d187512b9babe3454342a7987e might be added as well.
+Bugs:
+upstream: released (4.7) [75ff39ccc1bd5d3c455b6822ab09e533c551f758]
+3.16-upstream-stable: released (3.16.37) [tcp-make-challenge-acks-less-predictable.patch]
+3.2-upstream-stable: released (3.2.82) [tcp-make-challenge-acks-less-predictable.patch]
+sid: released (4.7.2-1)
+3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/tcp-make-challenge-acks-less-predictable.patch]
+3.2-wheezy-security: released (3.2.81-2) [bugfix/all/tcp-make-challenge-acks-less-predictable.patch]
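Review bot: The Notes block leaves two points open that the status lines depend on. "But it seems to have been backported to older versions as well (including 3.2.x)" names neither the stable commit nor the stable release that brought the RFC 5961 3.2 code into those branches, so the claim that 3.2.x was affected cannot be checked from this file; please record the backport reference next to 282f23c6ee343126156dd41218b22ece96d747e3. Likewise "might be added as well" for 083ae308280d13d187512b9babe3454342a7987e does not say whether any of the released versions listed below actually carry it; since the file is being retired, state per branch whether it was applied or deliberately skipped. The "Bugs:" field is empty, and the stray " ." line inside Notes reads as a leftover paragraph separator; confirm both are intentional.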
