From 05e144f5efb3f82e93da6f2fa0283cf10f5662c5 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 6 Jun 2017 09:43:25 +0000
Subject: Retire several CVEs

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5347 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2016-9604 | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 retired/CVE-2016-9604

(limited to 'retired/CVE-2016-9604')

diff --git a/retired/CVE-2016-9604 b/retired/CVE-2016-9604
new file mode 100644
index 00000000..0eb67595
--- /dev/null
+++ b/retired/CVE-2016-9604
@@ -0,0 +1,15 @@
+Description: KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings
+References:
+Notes:
+ bwh> A similar issue was fixed in 3.17 by commit a4e3b8d79a5c
+ bwh> "KEYS: special dot prefixed keyring name bug fix" (which wrongly
+ bwh> removed another check - fixed by commit 54e2c2c1a9d6
+ bwh> "KEYS: Reinstate EPERM for a key type name beginning with a '.'")
+Bugs:
+upstream: released (4.11-rc8) [ee8f844e3c5a73b999edf733df1c529d6503ec2f]
+4.9-upstream-stable: released (4.9.25) [a5c6e0a76817a3751f58d761aaff7c0b0c4001ff]
+3.16-upstream-stable: released (3.16.44) [41bd08bfce7c33e0d383e7678e6d6c7e8e041524]
+3.2-upstream-stable: released (3.2.89) [7488aaea277dc17eb12bda22c91332c804c62965]
+sid: released (4.9.25-1)
+3.16-jessie-security: released (3.16.43-1) [bugfix/all/keys-disallow-keyrings-beginning-with-.-to-be-joined.patch]
+3.2-wheezy-security: released (3.2.88-1) [bugfix/all/keys-disallow-keyrings-beginning-with-.-to-be-joined.patch]
-- 
cgit v1.2.3