From 799d3c586b6df4d41fccd5fc2ff796a087c26329 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 25 Mar 2022 20:49:54 +0100
Subject: Retire several CVEs

---
 active/CVE-2021-28950 | 18 ------------------
 1 file changed, 18 deletions(-)
 delete mode 100644 active/CVE-2021-28950

(limited to 'active/CVE-2021-28950')

diff --git a/active/CVE-2021-28950 b/active/CVE-2021-28950
deleted file mode 100644
index 18e926a5..00000000
--- a/active/CVE-2021-28950
+++ /dev/null
@@ -1,18 +0,0 @@
-Description: fuse: fix live lock in fuse_iget()
-References:
-Notes:
- carnil> Commit fixes 5d069dbe8aaf ("fuse: fix bad inode") which is only
- carnil> present in 5.4.88, 5.10.6 and 5.11-rc1 so might not affect
- carnil> older versions.
- bwh> Commit 5d069dbe8aaf "fuse: fix bad inode" fixed another DoS issue,
- bwh> so we'll need to backport both of them.
- carnil> The 5d069dbe8aaf "fuse: fix bad inode" is CVE-2020-36322.
-Bugs:
-upstream: released (5.12-rc4) [775c5033a0d164622d9d10dd0f0a5531639ed3ed]
-5.10-upstream-stable: released (5.10.25) [d955f13ea2120269319d6133d0dd82b66d1eeca3]
-4.19-upstream-stable: released (4.19.226) [8a8908cb82568c71b672e83d834e8b59ccf75f8e]
-4.9-upstream-stable: released (4.9.298) [fde32bbe9a540af28579da6480fc55cc50099ece]
-sid: released (5.10.24-1) [bugfix/all/fuse-fix-live-lock-in-fuse_iget.patch]
-5.10-bullseye-security: N/A "Fixed before branching point"
-4.19-buster-security: released (4.19.232-1)
-4.9-stretch-security: released (4.9.272-1) [bugfix/all/fuse-fix-live-lock-in-fuse_iget.patch]
-- 
cgit v1.2.3