Retire several CVEs fixed everywhere

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5772 e094ebfe-e918-0410-adfb-c712417f3574
author: Salvatore Bonaccorso <carnil@debian.org> 2017-12-09 08:52:03 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-12-09 08:52:03 +0000
commit: f3dd331af9c70c6b5158fc1cd6a0ebc8f14714d3 (patch)
tree: edcf14e6de0e9d6e41f5c2a25173cff32a4ec6a3 /retired/CVE-2017-0786
parent: 8a5e0e12add23e540c83f904ae19ccac1a4116fa (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2017-0786 b/retired/CVE-2017-0786
new file mode 100644
index 00000000..483a3912
--- /dev/null
+++ b/retired/CVE-2017-0786
@@ -0,0 +1,14 @@
+Description:  brcmfmac: add length check in brcmf_cfg80211_escan_handler()
+References:
+Notes:
+ bwh> Upstream commit is marked for 4.0 onward, but I think the bug was
+ bwh> introduced in 3.7 by commit e756af5b30b0 "brcmfmac: add e-scan support."
+Bugs:
+upstream: released (4.14-rc4) [17df6453d4be17910456e99c5a85025aa1b7a246]
+4.9-upstream-stable: released (4.9.55) [4d3132d97aa753104ee35722352a895750a0fca5]
+3.16-upstream-stable: released (3.16.50) [7df83adfc5d38bf960ef7ff0e4cb1c2c92715f63]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.13.4-2) [bugfix/all/brcmfmac-add-length-check-in-brcmf_cfg80211_escan_ha.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2017-12-09 08:52:03 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2017-12-09 08:52:03 +0000
commit	f3dd331af9c70c6b5158fc1cd6a0ebc8f14714d3 (patch)
tree	edcf14e6de0e9d6e41f5c2a25173cff32a4ec6a3 /retired/CVE-2017-0786
parent	8a5e0e12add23e540c83f904ae19ccac1a4116fa (diff)