From 5995bb05fadb43acd248258147490c1c08ae951a Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 28 Jun 2016 08:34:54 +0000
Subject: Retire several CVEs

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4499 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2016-3140 | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 retired/CVE-2016-3140

(limited to 'retired/CVE-2016-3140')

diff --git a/retired/CVE-2016-3140 b/retired/CVE-2016-3140
new file mode 100644
index 00000000..a5b99550
--- /dev/null
+++ b/retired/CVE-2016-3140
@@ -0,0 +1,13 @@
+Description: crash on invalid USB device descriptors (digi_acceleport driver)
+References:
+ http://seclists.org/bugtraq/2016/Mar/61
+ https://bugzilla.redhat.com/show_bug.cgi?id=1283378
+Notes:
+ Proposed patch: http://marc.info/?l=linux-usb&m=145796765030590&w=2
+Bugs:
+upstream: released (4.6-rc3) [5a07975ad0a36708c6b0a5b9fea1ff811d0b0c1f]
+3.16-upstream-stable: released (3.16.35) [usb-digi_acceleport-do-sanity-checking-for-the-number-of-ports.patch]
+3.2-upstream-stable: released (3.2.80) [usb-digi_acceleport-do-sanity-checking-for-the-number-of-ports.patch]
+sid: released (4.5.1-1)
+3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/usb-digi_acceleport-do-sanity-checking-for-the-numbe.patch]
+3.2-wheezy-security: released (3.2.81-1)
-- 
cgit v1.2.3