retire more issues

author: Moritz Muehlenhoff <jmm@debian.org> 2018-10-10 16:08:10 +0200
committer: Moritz Muehlenhoff <jmm@debian.org> 2018-10-10 16:08:10 +0200
commit: e58840f1b07272348f16568187550f5c219ee2eb (patch)
tree: b971c0cfbc0ac9ff0560015a7861cbb6560c73ae /retired/CVE-2018-14633
parent: 57b924820eb68766ff307bf9efd9f1d318dd0a34 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/retired/CVE-2018-14633 b/retired/CVE-2018-14633
new file mode 100644
index 00000000..39abd020
--- /dev/null
+++ b/retired/CVE-2018-14633
@@ -0,0 +1,13 @@
+Description: stack-based buffer overflow in chap_server_compute_md5() in iscsi target
+References:
+ https://www.openwall.com/lists/oss-security/2018/09/24/2
+ https://bugzilla.redhat.com/show_bug.cgi?id=1626035
+ https://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git/commit/?h=4.19/scsi-fixes&id=1816494330a83f2a064499d8ed2797045641f92c
+Notes:
+Bugs:
+upstream: released (4.19-rc6) [1816494330a83f2a064499d8ed2797045641f92c]
+4.9-upstream-stable: released (4.9.130) [5eeb39743ba17bd36db8d86d0047181ee0b9ff71]
+3.16-upstream-stable: released (3.16.59) [scsi-target-iscsi-use-hex2bin-instead-of-a-re-implementation.patch]
+sid: released (4.18.10-1) [bugfix/all/scsi-target-iscsi-Use-hex2bin-instead-of-a-re-implem.patch]
+4.9-stretch-security: released (4.9.110-3+deb9u5) [bugfix/all/scsi-target-iscsi-Use-hex2bin-instead-of-a-re-implem.patch]
+3.16-jessie-security: released (3.16.59-1)
author	Moritz Muehlenhoff <jmm@debian.org>	2018-10-10 16:08:10 +0200
committer	Moritz Muehlenhoff <jmm@debian.org>	2018-10-10 16:08:10 +0200
commit	e58840f1b07272348f16568187550f5c219ee2eb (patch)
tree	b971c0cfbc0ac9ff0560015a7861cbb6560c73ae /retired/CVE-2018-14633
parent	57b924820eb68766ff307bf9efd9f1d318dd0a34 (diff)