Retire some CVEs

1 files changed, 15 insertions, 0 deletions

diff --git a/retired/CVE-2019-11479 b/retired/CVE-2019-11479
new file mode 100644
index 00000000..9c99b811
--- /dev/null
+++ b/retired/CVE-2019-11479
@@ -0,0 +1,15 @@
+Description: TCP minimum MSS hardcoded to 48 which can lead to DoS
+References:
+ https://patchwork.ozlabs.org/patch/1117157/
+ https://patchwork.ozlabs.org/patch/1117158/
+ https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
+Notes:
+Bugs:
+upstream: released (5.2-rc6) [5f3e2bf008c2221478101ee72f5cb4654b9fc363, 967c05aee439e6e5d7d805e195b3a20ef5c433d6]
+4.19-upstream-stable: released (4.19.52) [7f9f8a37e563c67b24ccd57da1d541a95538e8d9, 59222807fcc99951dc769cd50e132e319d73d699]
+4.9-upstream-stable: released (4.9.182) [8e39cbc03dafa3731d22533f869bf326c0e6e6f8, 7e9096287352d0416f3caa0919c90bd9ed2f68d3]
+3.16-upstream-stable: released (3.16.69) [6b7e7997ad3505db7de85ff12276fc84659481d3, 7ce5a5796ca119c5c6935ea9f4e785f0cb7f39b7]
+sid: released (4.19.37-4) [bugfix/all/tcp-add-tcp_min_snd_mss-sysctl.patch, bugfix/all/tcp-enforce-tcp_min_snd_mss-in-tcp_mtu_probing.patch]
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: released (4.9.168-1+deb9u3) [bugfix/all/tcp-add-tcp_min_snd_mss-sysctl.patch, bugfix/all/tcp-enforce-tcp_min_snd_mss-in-tcp_mtu_probing.patch]
+3.16-jessie-security: released (3.16.68-2) [bugfix/all/tcp-add-tcp_min_snd_mss-sysctl.patch, bugfix/all/tcp-enforce-tcp_min_snd_mss-in-tcp_mtu_probing.patch]