Retire issues that are now released, N/A, or ignored in all branches

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5589 e094ebfe-e918-0410-adfb-c712417f3574
author: Ben Hutchings <benh@debian.org> 2017-09-20 20:36:39 +0000
committer: Ben Hutchings <benh@debian.org> 2017-09-20 20:36:39 +0000
commit: d6ce9ee6d4c958926ec6efa83eb940d75c80c0bc (patch)
tree: 8713bc119fef3045f9e264c4045ca8231ece0edd /retired/CVE-2017-1000365
parent: cb9821d07dc5d267696faf0554259d5117df5caf (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2017-1000365 b/retired/CVE-2017-1000365
new file mode 100644
index 00000000..f462754b
--- /dev/null
+++ b/retired/CVE-2017-1000365
@@ -0,0 +1,14 @@
+Description: argv and envp pointer arrays do not count toward the argument/environment size limit
+References:
+ https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
+Notes:
+ bwh> Introduced by commit b6a2fea39318 "mm: variable length argument support"
+Bugs:
+upstream: released (4.12-rc7) [98da7d08850fb8bdeb395d6368ed15753304aa0c]
+4.9-upstream-stable: released (4.9.35) [3d6848e491df6abbf5fb5b1fabb7a5df2e2b8f4f]
+3.16-upstream-stable: released (3.16.46) [d7575b387f81c1a92e32c25dcb6a0e14458ae66c]
+3.2-upstream-stable: released (3.2.91) [cea299eb189fca09c413432b807abd607385b3bc]
+sid: released (4.11.11-1)
+4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/all/fs-exec.c-account-for-argv-envp-pointers.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/all/fs-exec.c-account-for-argv-envp-pointers.patch]
+3.2-wheezy-security: released (3.2.93-1)
author	Ben Hutchings <benh@debian.org>	2017-09-20 20:36:39 +0000
committer	Ben Hutchings <benh@debian.org>	2017-09-20 20:36:39 +0000
commit	d6ce9ee6d4c958926ec6efa83eb940d75c80c0bc (patch)
tree	8713bc119fef3045f9e264c4045ca8231ece0edd /retired/CVE-2017-1000365
parent	cb9821d07dc5d267696faf0554259d5117df5caf (diff)