Retire several CVEs

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5834 e094ebfe-e918-0410-adfb-c712417f3574
author: Salvatore Bonaccorso <carnil@debian.org> 2017-12-24 07:36:56 +0000
committer: Salvatore Bonaccorso <carnil@debian.org> 2017-12-24 07:36:56 +0000
commit: 9a53b9c6d958966fc78a6511fbe0f7926448251a (patch)
tree: a5ba1eb6c02bfcf7657c37693c6899359b5ba2af /retired/CVE-2017-17854
parent: 2193ab58e9173e2630c27364d10dbf9ea304a80b (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2017-17854 b/retired/CVE-2017-17854
new file mode 100644
index 00000000..ebbba195
--- /dev/null
+++ b/retired/CVE-2017-17854
@@ -0,0 +1,14 @@
+Description: bpf: fix integer overflows
+References:
+ http://www.openwall.com/lists/oss-security/2017/12/21/2
+Notes:
+ carnil> Introduced by f1174f77b50c94eecaa658fdc56fa69b421de4b8 in 4.14-rc1
+Bugs:
+upstream: released (4.15-rc5) [bb7f0f989ca7de1153bd128a40a71709e339fa03]
+4.9-upstream-stable: N/A "Vulnerable code introduced in 4.14-rc1"
+3.16-upstream-stable: N/A "Vulnerable code introduced in 4.14-rc1"
+3.2-upstream-stable: N/A "Vulnerable code introduced in 4.14-rc1"
+sid: released (4.14.7-1) [bugfix/all/bpf-fix-integer-overflows.patch]
+4.9-stretch-security: N/A "Vulnerable code not present"
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2017-12-24 07:36:56 +0000
committer	Salvatore Bonaccorso <carnil@debian.org>	2017-12-24 07:36:56 +0000
commit	9a53b9c6d958966fc78a6511fbe0f7926448251a (patch)
tree	a5ba1eb6c02bfcf7657c37693c6899359b5ba2af /retired/CVE-2017-17854
parent	2193ab58e9173e2630c27364d10dbf9ea304a80b (diff)