Retire two issues

author: Moritz Muehlenhoff <jmm@debian.org> 2018-01-31 19:05:26 +0100
committer: Moritz Muehlenhoff <jmm@debian.org> 2018-01-31 19:05:26 +0100
commit: b2bc9515f1da143950891491c1ed00001352ad87 (patch)
tree: 6f87d46138b7b4365ab65040dfcf40e93b35a941 /retired/CVE-2017-17448
parent: c38548245240cfb6d374ea3b867562289ee65c4f (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/retired/CVE-2017-17448 b/retired/CVE-2017-17448
new file mode 100644
index 00000000..0096fcac
--- /dev/null
+++ b/retired/CVE-2017-17448
@@ -0,0 +1,15 @@
+Description: netfilter: nfnetlink_cthelper: Add missing permission checks
+References:
+ https://patchwork.kernel.org/patch/10089373/
+Notes:
+ bwh> This is mitigated in Debian by unprivileged user namespaces being
+ bwh> default-disabled.
+Bugs:
+upstream: released (4.15-rc4) [4b380c42f7d00a395feede754f0bc2292eebe6e5]
+4.9-upstream-stable: released (4.9.79) [2c3184ea80322347287bc7e57f782d77f478e73c]
+3.16-upstream-stable: released (3.16.52) [fad6474d43e985338e4c2b3bb1a7668cca1f041a]
+3.2-upstream-stable: N/A "User namespaces not supported"
+sid: released (4.14.7-1) [bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch]
+3.16-jessie-security: released (3.16.51-3+deb8u1) [bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch]
+3.2-wheezy-security: N/A "User namespaces not supported"
author	Moritz Muehlenhoff <jmm@debian.org>	2018-01-31 19:05:26 +0100
committer	Moritz Muehlenhoff <jmm@debian.org>	2018-01-31 19:05:26 +0100
commit	b2bc9515f1da143950891491c1ed00001352ad87 (patch)
tree	6f87d46138b7b4365ab65040dfcf40e93b35a941 /retired/CVE-2017-17448
parent	c38548245240cfb6d374ea3b867562289ee65c4f (diff)