retire more issues

author: Moritz Muehlenhoff <jmm@debian.org> 2018-10-10 16:08:10 +0200
committer: Moritz Muehlenhoff <jmm@debian.org> 2018-10-10 16:08:10 +0200
commit: e58840f1b07272348f16568187550f5c219ee2eb (patch)
tree: b971c0cfbc0ac9ff0560015a7861cbb6560c73ae /retired/CVE-2018-10938
parent: 57b924820eb68766ff307bf9efd9f1d318dd0a34 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/retired/CVE-2018-10938 b/retired/CVE-2018-10938
new file mode 100644
index 00000000..b0a61352
--- /dev/null
+++ b/retired/CVE-2018-10938
@@ -0,0 +1,14 @@
+Description: Cipso: cipso_v4_optptr infinite loop
+References:
+ http://www.openwall.com/lists/oss-security/2018/08/27/1
+Notes:
+ carnil> Introduced by 04f81f0154e4bf002be6f4d85668ce1257efa4d9 (4.0-rc1)
+ carnil> We do not build the module, thus marked as severity unimportant
+ carnil> in the security-tracker itself.
+Bugs:
+upstream: released (4.13-rc5) [40413955ee265a5e42f710940ec78f5450d49149]
+4.9-upstream-stable: released (4.9.125) [e8e519f8ec33ce670abef2cfc0613ec26319841e]
+3.16-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (4.13.4-1)
+4.9-stretch-security: released (4.9.110-3+deb9u5) [bugfix/all/cipso-cipso_v4_optptr-enter-infinite-loop.patch]
+3.16-jessie-security: N/A "Vulnerable code not present"
author	Moritz Muehlenhoff <jmm@debian.org>	2018-10-10 16:08:10 +0200
committer	Moritz Muehlenhoff <jmm@debian.org>	2018-10-10 16:08:10 +0200
commit	e58840f1b07272348f16568187550f5c219ee2eb (patch)
tree	b971c0cfbc0ac9ff0560015a7861cbb6560c73ae /retired/CVE-2018-10938
parent	57b924820eb68766ff307bf9efd9f1d318dd0a34 (diff)