Retire CVE-2018-1000028

author: Salvatore Bonaccorso <carnil@debian.org> 2018-02-15 19:38:44 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2018-02-15 19:38:44 +0100
commit: 445ac2e64e4df30880b05328bec40aeb97b8af37 (patch)
tree: f784b3af3021a979ceef13cd7532a19ea8ff0341 /retired/CVE-2018-1000028
parent: a9a7374aadd1ab71258396e7fd3f7a2aac2dbaa0 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2018-1000028 b/retired/CVE-2018-1000028
new file mode 100644
index 00000000..9bf3c070
--- /dev/null
+++ b/retired/CVE-2018-1000028
@@ -0,0 +1,17 @@
+Description: nfsd: auth: Fix gid sorting when rootsquash enabled
+References:
+Notes:
+ carnil> Introduced with bdcf0a423ea1 (4.15-rc4) and various
+ carnil> backports (4.14.8+, 4.9.76+).
+ carnil> When though fixing in stretch via new a version
+ carnil> >= 4.9.76 needs to apply a backport of
+ carnil> 1995266727fa8143897e89b55f5d3c79aa828420 as well.
+Bugs:
+upstream: released (4.15) [1995266727fa8143897e89b55f5d3c79aa828420]
+4.9-upstream-stable: released (4.9.79) [f12d0602633decf073796f3aaa59eec7ff2da9e2]
+3.16-upstream-stable: N/A "Vulnerable code introduced later"
+3.2-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (4.14.17-1)
+4.9-stretch-security: N/A "Vulnerable code introduced later"
+3.16-jessie-security: N/A "Vulnerable code introduced later"
+3.2-wheezy-security: N/A "Vulnerable code introduced later"
author	Salvatore Bonaccorso <carnil@debian.org>	2018-02-15 19:38:44 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2018-02-15 19:38:44 +0100
commit	445ac2e64e4df30880b05328bec40aeb97b8af37 (patch)
tree	f784b3af3021a979ceef13cd7532a19ea8ff0341 /retired/CVE-2018-1000028
parent	a9a7374aadd1ab71258396e7fd3f7a2aac2dbaa0 (diff)