From 6e7d4d55887ce8c80468b48428c8820893006438 Mon Sep 17 00:00:00 2001
From: Ben Hutchings <ben@decadent.org.uk>
Date: Mon, 27 Jun 2022 01:42:53 +0200
Subject: Reactivate CVE-2022-1976 as it is not fixed in sid

The patch was added but not applied.
---
 active/CVE-2022-1976  | 17 +++++++++++++++++
 retired/CVE-2022-1976 | 18 ------------------
 2 files changed, 17 insertions(+), 18 deletions(-)
 create mode 100644 active/CVE-2022-1976
 delete mode 100644 retired/CVE-2022-1976

diff --git a/active/CVE-2022-1976 b/active/CVE-2022-1976
new file mode 100644
index 00000000..a6a5c6a7
--- /dev/null
+++ b/active/CVE-2022-1976
@@ -0,0 +1,17 @@
+Description: io_uring: reinstate the inflight tracking
+References:
+ https://www.openwall.com/lists/oss-security/2022/06/14/2
+Notes:
+ carnil> Commit fixes d5361233e9ab ("io_uring: drop the old style
+ carnil> inflight file tracking") in 5.18-rc2 (and backported to
+ carnil> 5.17.3).
+ carnil> For 5.18.y fixed as well in 5.18.6.
+Bugs:
+upstream: released (5.19-rc1) [9cae36a094e7e9d6e5fe8b6dcd4642138b3eb0c7]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+4.9-upstream-stable: N/A "Vulnerable code not present"
+sid: needed
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Vulnerable code not present"
diff --git a/retired/CVE-2022-1976 b/retired/CVE-2022-1976
deleted file mode 100644
index f2ef25b1..00000000
--- a/retired/CVE-2022-1976
+++ /dev/null
@@ -1,18 +0,0 @@
-Description: io_uring: reinstate the inflight tracking
-References:
- https://www.openwall.com/lists/oss-security/2022/06/14/2
-Notes:
- carnil> Commit fixes d5361233e9ab ("io_uring: drop the old style
- carnil> inflight file tracking") in 5.18-rc2 (and backported to
- carnil> 5.17.3).
- carnil> For 5.18.y fixed as well in 5.18.6 but was already cherry-
- carnil> picked for the 5.18.5-1 upload.
-Bugs:
-upstream: released (5.19-rc1) [9cae36a094e7e9d6e5fe8b6dcd4642138b3eb0c7]
-5.10-upstream-stable: N/A "Vulnerable code not present"
-4.19-upstream-stable: N/A "Vulnerable code not present"
-4.9-upstream-stable: N/A "Vulnerable code not present"
-sid: released (5.18.5-1) [bugfix/all/io_uring-reinstate-the-inflight-tracking.patch]
-5.10-bullseye-security: N/A "Vulnerable code not present"
-4.19-buster-security: N/A "Vulnerable code not present"
-4.9-stretch-security: N/A "Vulnerable code not present"
-- 
cgit v1.2.3