From f3dd331af9c70c6b5158fc1cd6a0ebc8f14714d3 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 9 Dec 2017 08:52:03 +0000
Subject: Retire several CVEs fixed everywhere

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5772 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2017-0786 | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 retired/CVE-2017-0786

(limited to 'retired/CVE-2017-0786')

diff --git a/retired/CVE-2017-0786 b/retired/CVE-2017-0786
new file mode 100644
index 000000000..483a39127
--- /dev/null
+++ b/retired/CVE-2017-0786
@@ -0,0 +1,14 @@
+Description:  brcmfmac: add length check in brcmf_cfg80211_escan_handler()
+References:
+Notes:
+ bwh> Upstream commit is marked for 4.0 onward, but I think the bug was
+ bwh> introduced in 3.7 by commit e756af5b30b0 "brcmfmac: add e-scan support."
+Bugs:
+upstream: released (4.14-rc4) [17df6453d4be17910456e99c5a85025aa1b7a246]
+4.9-upstream-stable: released (4.9.55) [4d3132d97aa753104ee35722352a895750a0fca5]
+3.16-upstream-stable: released (3.16.50) [7df83adfc5d38bf960ef7ff0e4cb1c2c92715f63]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.13.4-2) [bugfix/all/brcmfmac-add-length-check-in-brcmf_cfg80211_escan_ha.patch]
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: N/A "Vulnerable code not present"
-- 
cgit v1.2.3