author: Moritz Muehlenhoff <jmm@debian.org> 2013-12-16 07:59:13 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2013-12-16 07:59:13 +0000
commit: 9f2c0e083ecb45f3cfdb10e476b2f6952116be03 (patch)
tree: c2e5cc8144ec677f00d9e46e07d96d271c5269be /retired
parent: 09e892ecf224c8ae091a9b3dc6e1aef821935e34 (diff)

retire issues (these are submitted for 2.6.32.x, but progress
is very sluggish, no need to wait)

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3185 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'retired')
-rw-r--r-- retired/CVE-2013-2164 | 12
-rw-r--r-- retired/CVE-2013-2206 | 10
-rw-r--r-- retired/CVE-2013-2232 | 10
-rw-r--r-- retired/CVE-2013-2234 | 10
-rw-r--r-- retired/CVE-2013-2237 | 10
-rw-r--r-- retired/CVE-2013-2852 | 10
-rw-r--r-- retired/CVE-2013-2888 | 13
-rw-r--r-- retired/CVE-2013-2892 | 11
8 files changed, 86 insertions, 0 deletions
diff --git a/retired/CVE-2013-2164 b/retired/CVE-2013-2164
new file mode 100644
index 00000000..adb35313
--- /dev/null
+++ b/retired/CVE-2013-2164
@@ -0,0 +1,12 @@
+Description: block information leak
+References:
+ http://www.openwall.com/lists/oss-security/2013/06/06/3
+ http://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/drivers/cdrom/cdrom.c?id=050e4b8fb7cdd7096c987a9cd556029c622c7fe2
+Notes:
+Bugs:
+upstream: released (3.11-rc1) [542db01579fbb7ea7d1f7bb9ddcef1559df660b2]
+2.6.32-upstream-stable: pending (2.6.32.62)
+sid: released (3.9.8-1)
+3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/drivers-cdrom-cdrom.c-use-kzalloc-for-failing-hardwa.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/cdrom-use-kzalloc-for-failing-hw.patch]
+3.2-upstream-stable: released (3.2.49)
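Review bot: the commit id in the References URL (`id=050e4b8fb7cd...`, a linux-next link) is not the id recorded on the `upstream:` line (`542db01579fb...`). Anyone auditing a backport against this file will not know which one to diff against. Either point the reference at the commit named in `upstream:` or add a Notes line saying both ids are the same change, if that is the case.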
diff --git a/retired/CVE-2013-2206 b/retired/CVE-2013-2206
new file mode 100644
index 00000000..57936fae
--- /dev/null
+++ b/retired/CVE-2013-2206
@@ -0,0 +1,10 @@
+Description: sctp: duplicate cookie handling NULL pointer dereference
+References:
+Notes:
+Bugs:
+upstream: released (3.9) [f2815633504b442ca0b0605c16bf3d88a3a0fcea]
+2.6.32-upstream-stable: pending (2.6.32.62)
+sid: released (3.9.4-1)
+3.2-wheezy-security: released (3.2.46-1
+2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/sctp-duplicate-cookie-handling-null-pointer-deref.patch]
+3.2-upstream-stable: released (3.2.42)
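Review bot: the `3.2-wheezy-security` line ends at `released (3.2.46-1` with the parenthesis left open, so the version field is ambiguous and any script parsing `released (<version>)` will trip on it. The other files in this commit use the form `released (<version>) [patch]`; close the parenthesis and confirm the intended version string. References is also empty here, so the file gives no advisory or list post to check the description against.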
diff --git a/retired/CVE-2013-2232 b/retired/CVE-2013-2232
new file mode 100644
index 00000000..2ecbeae6
--- /dev/null
+++ b/retired/CVE-2013-2232
@@ -0,0 +1,10 @@
+Description: ipv6: ip6_sk_dst_check() must not assume ipv6 dst
+References:
+Notes:
+Bugs:
+upstream: released (3.10) [a963a37d384d71ad43b3e9e79d68d42fbe0901f3]
+2.6.32-upstream-stable: pending (2.6.32.62)
+sid: released (3.10.1-1)
+3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/ipv6-ip6_sk_dst_check-must-not-assume-ipv6-dst.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/ipv6-ipv6_sk_dst_check_must-not-assume-ipv6-dst.patch]
+3.2-upstream-stable: released (3.2.50)
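Review bot: the squeeze patch name spells the function `ipv6_sk_dst_check_must-not-assume...`, while the Description and the wheezy patch name use `ip6_sk_dst_check`. If the bracketed name is meant to be a path into the squeeze patch series, confirm it matches the file on disk exactly, since a lookup by this name fails silently otherwise. References is empty as well.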
diff --git a/retired/CVE-2013-2234 b/retired/CVE-2013-2234
new file mode 100644
index 00000000..0d0b964b
--- /dev/null
+++ b/retired/CVE-2013-2234
@@ -0,0 +1,10 @@
+Description: af_key: fix info leaks in notify messages
+References:
+Notes:
+Bugs:
+upstream: released (3.10) [a5cc68f3d63306d0d288f31edfc2ae6ef8ecd887]
+2.6.32-upstream-stable: pending (2.6.32.62)
+sid: released (3.10.1-1)
+3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/af_key-fix-info-leaks-in-notify-messages.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/af_key-fix-info-leaks-in-notify-msgs.patch]
+3.2-upstream-stable: released (3.2.50)
diff --git a/retired/CVE-2013-2237 b/retired/CVE-2013-2237
new file mode 100644
index 00000000..62c0df35
--- /dev/null
+++ b/retired/CVE-2013-2237
@@ -0,0 +1,10 @@
+Description: another info leak in af_key
+References:
+Notes:
+Bugs:
+upstream: released (3.9) [85dfb745ee40232876663ae206cba35f24ab2a40]
+2.6.32-upstream-stable: pending (2.6.32.62)
+sid: released (3.9.4-1)
+3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/af_key-initialize-satype-in-key_notify_policy_flush.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/af_key-initialize-sa_type-in-key_notify_policy_flush.patch]
+3.2-upstream-stable: released (3.2.51)
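Review bot: the Description, "another info leak in af_key", does not say which leak this is and only makes sense when read next to CVE-2013-2234. Both patch names on the release lines mention `key_notify_policy_flush` and an uninitialized satype field, so put that in the Description so the file stands on its own. References is empty here too.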
diff --git a/retired/CVE-2013-2852 b/retired/CVE-2013-2852
new file mode 100644
index 00000000..135e5c76
--- /dev/null
+++ b/retired/CVE-2013-2852
@@ -0,0 +1,10 @@
+Description: b43: format string leaking into error msgs
+References:
+Notes:
+Bugs:
+upstream: released (3.10-rc6) [e0e29b683d6784ef59bbc914eac85a04b650e63c]
+2.6.32-upstream-stable: pending (2.6.32.62)
+sid: released (3.9.8-1)
+3.2-wheezy-security: released (3.2.46-1+deb7u1) [bugfix/all/b43-stop-format-string-leaking-into-error-msgs.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/b43-stop-formatstring-leak.patch]
+3.2-upstream-stable: released (3.2.47)
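Review bot: this file goes into `retired/` while `2.6.32-upstream-stable` still reads `pending (2.6.32.62)`, and the same holds for the other seven files in the commit. The reason is given only in the commit message. A short Notes entry in each file stating that it was retired with the 2.6.32.x stable fix still outstanding would keep that visible to someone who reads the tracker file without the history.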
diff --git a/retired/CVE-2013-2888 b/retired/CVE-2013-2888
new file mode 100644
index 00000000..78b55b72
--- /dev/null
+++ b/retired/CVE-2013-2888
@@ -0,0 +1,13 @@
+Description: HID arbitrary heap write
+References:
+ http://marc.info/?l=linux-input&m=137772180514608&w=1
+Notes:
+ in addion Kees recommends the followin defensive patch:
+ http://marc.info/?t=137772196600012&r=1&w=1
+Bugs:
+upstream: released (3.12-rc1) [43622021d2e2b82ea03d883926605bdd0525e1d1, be67b68d52fa28b9b721c47bb42068f0c1214855]
+2.6.32-upstream-stable: pending (2.6.32.62)
+sid: released (3.10.11-1)
+3.2-wheezy-security: released (3.2.51-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/hid-check-for-null-when-setting-values.patch, bugfix/all/hid-validate-report-id-size.patch]
+3.2-upstream-stable: released (3.2.52) \ No newline at end of file
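Review bot: the Notes line has two typos ("addion", "followin"), and the file ends without a trailing newline, unlike the other seven files added here. Worth fixing both while the file is being moved. The Notes also mention a recommended defensive patch by URL only; say whether it was applied to any of the listed branches, because the release lines do not show it.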
diff --git a/retired/CVE-2013-2892 b/retired/CVE-2013-2892
new file mode 100644
index 00000000..4802d868
--- /dev/null
+++ b/retired/CVE-2013-2892
@@ -0,0 +1,11 @@
+Description: pantherlord local DoS through zeroing out too much
+References:
+ http://marc.info/?l=linux-input&m=137772185414625&w=1
+Notes:
+Bugs:
+upstream: released (3.12-rc1) [412f30105ec6735224535791eed5cdc02888ecb4]
+2.6.32-upstream-stable: pending (2.6.32.62)
+sid: released (3.10.11-1)
+3.2-wheezy-security: released (3.2.51-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze4) [bugfix/all/HID-pantherlord-validate-output-report-details.patch]
+3.2-upstream-stable: released (3.2.52)
