Retire inactive issues

author: Ben Hutchings <ben@decadent.org.uk> 2019-03-28 01:50:09 +0000
committer: Ben Hutchings <ben@decadent.org.uk> 2019-03-28 01:50:09 +0000
commit: 27b3d6a80bd2f514d34d033cf2bd02f4e3145ad7 (patch)
tree: 3c74df6a121b9b0354a8cbd59ebdc1b5b54ad106 /retired/CVE-2017-13305
parent: eb51c7725271bea941d40933c031ae86b716e971 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2017-13305 b/retired/CVE-2017-13305
new file mode 100644
index 00000000..9a63efce
--- /dev/null
+++ b/retired/CVE-2017-13305
@@ -0,0 +1,14 @@
+Description: Buffer over-read in keyring subsystem allows exposing potentially sensitive information to local attacker
+References:
+ https://source.android.com/security/bulletin/pixel/2018-04-01
+ https://bugzilla.redhat.com/show_bug.cgi?id=1581637
+Notes:
+ carnil> Possibly only affecting 3.18+ but needs check.
+Bugs:
+upstream: released (4.12-rc5) [794b4bc292f5d31739d89c0202c54e7dc9bc3add]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.81) [9692602ab850eec484d8cc5a740803d34f00016c]
+3.16-upstream-stable: released (3.16.62) [bfe535bf4ab73e41922c7a58d6a858a2c435ff29]
+sid: released (4.12.6-1)
+4.9-stretch-security: released (4.9.82-1+deb9u1)
+3.16-jessie-security: released (3.16.64-1)
author	Ben Hutchings <ben@decadent.org.uk>	2019-03-28 01:50:09 +0000
committer	Ben Hutchings <ben@decadent.org.uk>	2019-03-28 01:50:09 +0000
commit	27b3d6a80bd2f514d34d033cf2bd02f4e3145ad7 (patch)
tree	3c74df6a121b9b0354a8cbd59ebdc1b5b54ad106 /retired/CVE-2017-13305
parent	eb51c7725271bea941d40933c031ae86b716e971 (diff)