From ca3705be4bddd668c035e38f875a38790d2ea5d3 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 6 May 2017 12:48:07 +0000
Subject: Retire CVEs fixed everywhere

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5268 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2016-10208 | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 retired/CVE-2016-10208

(limited to 'retired/CVE-2016-10208')

diff --git a/retired/CVE-2016-10208 b/retired/CVE-2016-10208
new file mode 100644
index 000000000..9484bb3c1
--- /dev/null
+++ b/retired/CVE-2016-10208
@@ -0,0 +1,16 @@
+Description: ext4 memory corruption
+References:
+ https://bugzilla.suse.com/show_bug.cgi?id=1023377
+ https://bugzilla.redhat.com/show_bug.cgi?id=1395190
+ http://www.spinics.net/lists/linux-ext4/msg54572.html
+Notes:
+ bwh> Initial upstream fix was too strict, causing a regression; see commit
+ bwh> 2ba3e6e8afc9 ("ext4: fix fencepost in s_first_meta_bg validation")
+Bugs:
+upstream: released (4.10-rc1) [3a4b77cd47bb837b8557595ec7425f281f2ca1fe]
+4.9-upstream-stable: released (4.9.9) [13e6ef99d23b05807e7f8a72f45e3d8260b61570]
+3.16-upstream-stable: released (3.16.41) [cde863587b6809fdf61ea3c5391ecf06884b5516]
+3.2-upstream-stable: N/A "Introduced in 3.6-rc1 with 952fc18ef9ec707ebdc16c0786ec360295e5ff15"
+sid: released (4.9.10-1)
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/ext4-validate-s_first_meta_bg-at-mount-time.patch]
+3.2-wheezy-security: N/A "Introduced in 3.6-rc1 with 952fc18ef9ec707ebdc16c0786ec360295e5ff15"
-- 
cgit v1.2.3