From 4f357619cf52a5d338d3aa19f5278b47263d5297 Mon Sep 17 00:00:00 2001
From: Ben Hutchings <ben@decadent.org.uk>
Date: Fri, 26 Mar 2021 01:41:18 +0100
Subject: Fill in details for several issues

---
 active/CVE-2021-28950 | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'active/CVE-2021-28950')

diff --git a/active/CVE-2021-28950 b/active/CVE-2021-28950
index 0456d42c..82d3c02a 100644
--- a/active/CVE-2021-28950
+++ b/active/CVE-2021-28950
@@ -4,11 +4,13 @@ Notes:
  carnil> Commit fixes 5d069dbe8aaf ("fuse: fix bad inode") which is only
  carnil> present in 5.4.88, 5.10.6 and 5.11-rc1 so might not affect
  carnil> older versions.
+ bwh> Commit 5d069dbe8aaf "fuse: fix bad inode" fixed another DoS issue,
+ bwh> so we'll need to backport both of them.
 Bugs:
 upstream: released (5.12-rc4) [775c5033a0d164622d9d10dd0f0a5531639ed3ed]
 5.10-upstream-stable: released (5.10.25) [d955f13ea2120269319d6133d0dd82b66d1eeca3]
-4.19-upstream-stable:
-4.9-upstream-stable:
+4.19-upstream-stable: needed
+4.9-upstream-stable: needed
 sid: released (5.10.24-1) [bugfix/all/fuse-fix-live-lock-in-fuse_iget.patch]
-4.19-buster-security:
-4.9-stretch-security:
+4.19-buster-security: needed
+4.9-stretch-security: needed
-- 
cgit v1.2.3