From d6ce9ee6d4c958926ec6efa83eb940d75c80c0bc Mon Sep 17 00:00:00 2001
From: Ben Hutchings <benh@debian.org>
Date: Wed, 20 Sep 2017 20:36:39 +0000
Subject: Retire issues that are now released, N/A, or ignored in all branches

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5589 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2017-1000365 | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 retired/CVE-2017-1000365

(limited to 'retired/CVE-2017-1000365')

diff --git a/retired/CVE-2017-1000365 b/retired/CVE-2017-1000365
new file mode 100644
index 00000000..f462754b
--- /dev/null
+++ b/retired/CVE-2017-1000365
@@ -0,0 +1,14 @@
+Description: argv and envp pointer arrays do not count toward the argument/environment size limit
+References:
+ https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
+Notes:
+ bwh> Introduced by commit b6a2fea39318 "mm: variable length argument support"
+Bugs:
+upstream: released (4.12-rc7) [98da7d08850fb8bdeb395d6368ed15753304aa0c]
+4.9-upstream-stable: released (4.9.35) [3d6848e491df6abbf5fb5b1fabb7a5df2e2b8f4f]
+3.16-upstream-stable: released (3.16.46) [d7575b387f81c1a92e32c25dcb6a0e14458ae66c]
+3.2-upstream-stable: released (3.2.91) [cea299eb189fca09c413432b807abd607385b3bc]
+sid: released (4.11.11-1)
+4.9-stretch-security: released (4.9.30-2+deb9u3) [bugfix/all/fs-exec.c-account-for-argv-envp-pointers.patch]
+3.16-jessie-security: released (3.16.43-2+deb8u3) [bugfix/all/fs-exec.c-account-for-argv-envp-pointers.patch]
+3.2-wheezy-security: released (3.2.93-1)
-- 
cgit v1.2.3