retire

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3337 e094ebfe-e918-0410-adfb-c712417f3574
author: Moritz Muehlenhoff <jmm@debian.org> 2014-05-02 07:15:17 +0000
committer: Moritz Muehlenhoff <jmm@debian.org> 2014-05-02 07:15:17 +0000
commit: b71a962277e62b0170e9356163b81052a4c24a38 (patch)
tree: 1a66e64e46bd58b17ac9813ec9214a6e3dc8cc68 /retired
parent: 1a9948523b172edbe867656861655a15883ea36e (diff)
7 files changed, 76 insertions, 0 deletions
diff --git a/retired/CVE-2014-0055 b/retired/CVE-2014-0055
new file mode 100644
index 00000000..13adeba8
--- /dev/null
+++ b/retired/CVE-2014-0055
@@ -0,0 +1,12 @@
+Description: vhost-net: insufficient handling of error conditions in get_rx_bufs()
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0055
+ http://rhn.redhat.com/errata/RHSA-2014-0328.html
+Notes:
+Bugs:
+upstream: released (3.14) [a39ee449f96a2cd44ce056d8a0a112211a9b1a1f]
+2.6.32-upstream-stable: N/A "vhost_net introduced in 2.6.33"
+sid: released (3.13.10-1) [bugfix/all/vhost-validate-vhost_get_vq_desc-return-value.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/vhost-validate-vhost_get_vq_desc-return-value.patch]
+2.6.32-squeeze-security: N/A "vhost_net introduced in 2.6.33"
+3.2-upstream-stable: released (3.2.58) [vhost-validate-vhost_get_vq_desc-return-value.patch]
diff --git a/retired/CVE-2014-0077 b/retired/CVE-2014-0077
new file mode 100644
index 00000000..315ed2df
--- /dev/null
+++ b/retired/CVE-2014-0077
@@ -0,0 +1,11 @@
+Description: vhost-net: insufficiency in handling of big packets in handle_rx()
+References:
+ http://article.gmane.org/gmane.linux.network/311012 
+Notes:
+Bugs:
+upstream: released (3.14) [d8316f3991d207fe32881a9ac20241be8fa2bad0]
+2.6.32-upstream-stable: N/A "vhost_net introduced in 2.6.33"
+sid: released (3.13.10-1) [bugfix/all/vhost-fix-total-length-when-packets-are-too-short.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/vhost-fix-total-length-when-packets-are-too-short.patch]
+2.6.32-squeeze-security: N/A "vhost_net introduced in 2.6.33"
+3.2-upstream-stable: released (3.2.58) [vhost-fix-total-length-when-packets-are-too-short.patch]
diff --git a/retired/CVE-2014-1446 b/retired/CVE-2014-1446
new file mode 100644
index 00000000..9c6ab384
--- /dev/null
+++ b/retired/CVE-2014-1446
@@ -0,0 +1,10 @@
+Description: hamradio/yam: fix info leak in ioctl
+References:
+Notes:
+Bugs:
+upstream: released (3.13-rc7) [8e3fbf870481eb53b2d3a322d1fc395ad8b367ed]
+2.6.32-upstream-stable: pending
+sid: released (3.12.8-1)
+3.2-wheezy-security: released (3.2.54-1) [bugfix/all/hamradio-yam-fix-info-leak-in-ioctl.patch]
+2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/hamradio-yam-fix-info-leak-in-ioctl.patch]
+3.2-upstream-stable: released (3.2.55)
diff --git a/retired/CVE-2014-1874 b/retired/CVE-2014-1874
new file mode 100644
index 00000000..8f2c4b9d
--- /dev/null
+++ b/retired/CVE-2014-1874
@@ -0,0 +1,12 @@
+Description: SeLinux local DoS
+References:
+ http://marc.info/?l=selinux&m=139110025203759&w=2
+Notes:
+ Only triggerable with CAP_MAC_ADMIN
+Bugs:
+upstream: released (3.14-rc2) [2172fa709ab32ca60e86179dc67d0857be8e2c98]
+2.6.32-upstream-stable: pending
+sid: released (3.13.4-1)
+3.2-wheezy-security: released (3.2.56-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/SELinux-Fix-kernel-BUG-on-empty-security-contexts.patch]
+3.2-upstream-stable: released (3.2.56)
diff --git a/retired/CVE-2014-2039 b/retired/CVE-2014-2039
new file mode 100644
index 00000000..e4a7c45b
--- /dev/null
+++ b/retired/CVE-2014-2039
@@ -0,0 +1,10 @@
+Description: s390: fix kernel crash due to linkage stack instructions
+References:
+Notes:
+Bugs:
+upstream: released (3.14-rc2) [8d7f6690cedb83456edd41c9bd583783f0703bf0]
+2.6.32-upstream-stable: pending
+sid: released (3.13.5-1)
+3.2-wheezy-security: released (3.2.57-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/s390/fix-kernel-crash-due-to-linkage-stack-instructi.patch]
+3.2-upstream-stable: released (3.2.57) [s390-fix-kernel-crash-due-to-linkage-stack-instructions.patch]
diff --git a/retired/CVE-2014-2309 b/retired/CVE-2014-2309
new file mode 100644
index 00000000..34474369
--- /dev/null
+++ b/retired/CVE-2014-2309
@@ -0,0 +1,11 @@
+Description: ipv6: don't set DST_NOCOUNT for remotely added routes
+References:
+ https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=c88507fbad8055297c1d1e21e599f46960cbee39
+Notes:
+Bugs:
+upstream: released (3.14-rc4) [c88507fbad8055297c1d1e21e599f46960cbee39]
+2.6.32-upstream-stable: N/A "Introduced in 3.0 with 957c665f37007de93ccbe45902a23143724170d0"
+sid: released (3.13.6-1) [bugfix/all/ipv6-don-t-set-DST_NOCOUNT-for-remotely-added-routes.patch]
+3.2-wheezy-security: released (3.2.57-1) [bugfix/all/ipv6-don-t-set-dst_nocount-for-remotely-added-routes.patch]
+2.6.32-squeeze-security: N/A "Introduced in 3.0 with 957c665f37007de93ccbe45902a23143724170d0"
+3.2-upstream-stable: released (3.2.58) [ipv6-don-t-set-dst_nocount-for-remotely-added-routes.patch]
diff --git a/retired/CVE-2014-2523 b/retired/CVE-2014-2523
new file mode 100644
index 00000000..f3d930b6
--- /dev/null
+++ b/retired/CVE-2014-2523
@@ -0,0 +1,10 @@
+Description: netfilter: remote memory corruption in nf_conntrack_proto_dccp
+References:
+Notes:
+Bugs:
+upstream: released (3.14-rc1) [b22f5126a24b3b2f15448c3f2a254fc10cbc2b92]
+2.6.32-upstream-stable: pending
+sid: released (3.13.10-1)
+3.2-wheezy-security: released (3.2.57-1)
+2.6.32-squeeze-security: released (2.6.32-48squeeze5) [bugfix/all/netfilter-nf_conntrack_dccp-fix-skb_header_pointer-A.patch]
+3.2-upstream-stable: released (3.2.57) [netfilter-nf_conntrack_dccp-fix-skb_header_pointer-api-usages.patch]
author	Moritz Muehlenhoff <jmm@debian.org>	2014-05-02 07:15:17 +0000
committer	Moritz Muehlenhoff <jmm@debian.org>	2014-05-02 07:15:17 +0000
commit	b71a962277e62b0170e9356163b81052a4c24a38 (patch)
tree	1a66e64e46bd58b17ac9813ec9214a6e3dc8cc68 /retired
parent	1a9948523b172edbe867656861655a15883ea36e (diff)