Retire several CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2020-06-11 09:46:30 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-06-11 09:46:30 +0200
commit: 9cd139b64b8458e7934cf2d43a83d81e9a076e0f (patch)
tree: 3db2ce2c38f26190276cb520f651cecb31556b70 /retired/CVE-2018-14612
parent: 236bb8f35c5bf6d0962f44bc7a2aba1a433f26d0 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/retired/CVE-2018-14612 b/retired/CVE-2018-14612
new file mode 100644
index 00000000..320744e3
--- /dev/null
+++ b/retired/CVE-2018-14612
@@ -0,0 +1,18 @@
+Description: Invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image
+References:
+ https://bugzilla.kernel.org/show_bug.cgi?id=199847
+ https://patchwork.kernel.org/patch/10503403/
+ https://patchwork.kernel.org/patch/10503413/
+Notes:
+ carnil> For 4.18.x branch first commit landed in 4.18.8 but unsure
+ carnil> what happened for the second one, resp. not yet checked if
+ carnil> that applies.
+Bugs:
+upstream: released (4.19-rc1) [ba480dd4db9f1798541eb2d1c423fc95feee8d36, 7ef49515fa6727cb4b6f2f5b0ffbc5fc20a9f8c6]
+4.19-upstream-stable: N/A "Fixed before branch point"
+4.9-upstream-stable: released (4.9.144) [6f33d3d8dca8683a4df94e9944296a1a1a2a6f10, 23eb2f435a07e1e09d48ea10c4a22bc96e16fde6]
+3.16-upstream-stable: released (3.16.83) [e3f6c37c31522cc99cea96e0f0f6f536026fb058, b84f82bdb43676854de8c5196bd8738805b892ee]
+sid: released (4.18.8-1)
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: released (4.9.144-1)
+3.16-jessie-security: released (3.16.84-1)
author	Salvatore Bonaccorso <carnil@debian.org>	2020-06-11 09:46:30 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-06-11 09:46:30 +0200
commit	9cd139b64b8458e7934cf2d43a83d81e9a076e0f (patch)
tree	3db2ce2c38f26190276cb520f651cecb31556b70 /retired/CVE-2018-14612
parent	236bb8f35c5bf6d0962f44bc7a2aba1a433f26d0 (diff)