retire

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@3599 e094ebfe-e918-0410-adfb-c712417f3574

2 files changed, 25 insertions, 0 deletions

diff --git a/retired/CVE-2014-7843 b/retired/CVE-2014-7843
new file mode 100644
index 00000000..1a0c5846
--- /dev/null
+++ b/retired/CVE-2014-7843
@@ -0,0 +1,13 @@
+Description: copying from /dev/zero causes local DoS
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1163744
+ Upstream patch proposal: https://lkml.org/lkml/2014/11/12/584
+Notes:
+Bugs:
+upstream: released (3.18-rc5) [97fc15436b36ee3956efad83e22a557991f7d19d]
+2.6.32-upstream-stable: N/A "arm64 introduced in 3.7"
+sid: released (3.16.7-ckt2-1)
+3.2-wheezy-security: N/A "arm64 introduced in 3.7"
+2.6.32-squeeze-security: N/A "arm64 introduced in 3.7"
+3.16-upstream-stable: released (3.16.7-ckt2)
+3.2-upstream-stable: N/A "arm64 introduced in 3.7"
diff --git a/retired/CVE-2014-8086 b/retired/CVE-2014-8086
new file mode 100644
index 00000000..e8834b5c
--- /dev/null
+++ b/retired/CVE-2014-8086
@@ -0,0 +1,12 @@
+Description: ext4: fix race between write and fcntl(F_SETFL)
+References:
+ http://www.spinics.net/lists/linux-ext4/msg45683.html
+Notes:
+Bugs:
+upstream: released (3.18-rc3) [a41537e69b4aa43f0fea02498c2595a81267383b]
+2.6.32-upstream-stable: N/A "Vulnerable code not present"
+sid: released (3.16.7-ckt2-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
+2.6.32-squeeze-security: N/A "Vulnerable code not present"
+3.16-upstream-stable: released (3.16.7-ckt1)
+3.2-upstream-stable: N/A "Vulnerable code not present"