Retire two CVEs

2 files changed, 28 insertions, 0 deletions

diff --git a/retired/CVE-2024-0639 b/retired/CVE-2024-0639
new file mode 100644
index 00000000..56a3d794
--- /dev/null
+++ b/retired/CVE-2024-0639
@@ -0,0 +1,13 @@
+Description: sctp: fix potential deadlock on &net->sctp.addr_wq_lock
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2258754
+Notes:
+Bugs:
+upstream: released (6.5-rc1) [6feb37b3b06e9049e20dcf7e23998f92c9c5be9a]
+6.1-upstream-stable: released (6.1.39) [1aa5a6a6d28c77e364feaba35ff7f12d2d74fec1]
+5.10-upstream-stable: released (5.10.188) [6d2243ab783bf79d1d674ff0ca26229233c56508]
+4.19-upstream-stable: released (4.19.291) [0ad0e8b0cb0e28626ab6dffe3da883941b9cbc4b]
+sid: released (6.4.4-1)
+6.1-bookworm-security: released (6.1.52-1)
+5.10-bullseye-security: released (5.10.191-1)
+4.19-buster-security: released (4.19.304-1)
diff --git a/retired/CVE-2024-0641 b/retired/CVE-2024-0641
new file mode 100644
index 00000000..d34e3fe6
--- /dev/null
+++ b/retired/CVE-2024-0641
@@ -0,0 +1,15 @@
+Description: tipc: fix a potential deadlock on &tx->lock
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=2258757
+Notes:
+ carnil> Commit fixes fc1b6d6de220 ("tipc: introduce TIPC encryption &
+ carnil> authentication") in 5.5-rc1.
+Bugs:
+upstream: released (6.6-rc5) [08e50cf071847323414df0835109b6f3560d44f5]
+6.1-upstream-stable: released (6.1.57) [143e72757a902abcecd5f487553f44dc19a56cfc]
+5.10-upstream-stable: released (5.10.198) [6a24d0661fa389c241d935da38e0f6a5ee8eb1ae]
+4.19-upstream-stable: N/A "Vulnerable code not present"
+sid: released (6.5.8-1)
+6.1-bookworm-security: released (6.1.64-1)
+5.10-bullseye-security: released (5.10.205-1)
+4.19-buster-security: N/A "Vulnerable code not present"