From 4f4de25a7b32551359a35554b6d277215d24a486 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 10 Dec 2017 05:37:16 +0000
Subject: Retire CVEs fixed everywhere

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5780 e094ebfe-e918-0410-adfb-c712417f3574
---
 retired/CVE-2017-16535 | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 retired/CVE-2017-16535

(limited to 'retired/CVE-2017-16535')

diff --git a/retired/CVE-2017-16535 b/retired/CVE-2017-16535
new file mode 100644
index 00000000..41c7d822
--- /dev/null
+++ b/retired/CVE-2017-16535
@@ -0,0 +1,13 @@
+Description: USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()
+References:
+Notes:
+ bwh> Introduced in 3.2 by commit 3148bf041d16 "usbcore: get BOS descriptor set"
+Bugs:
+upstream: released (4.14-c6) [1c0edc3633b56000e18d82fc241e3995ca18a69e]
+4.9-upstream-stable: released (4.9.59) [9d13d3e05be29056eeab610d9ad26b04c9231a04]
+3.16-upstream-stable: released (3.16.50) [6514189e83d470af2f35735038c1b096410ab98d]
+3.2-upstream-stable: released (3.2.95) [7c27b82fad16d2804c7c8405316a636f57edeabd]
+sid: released (4.13.10-1)
+4.9-stretch-security: released (4.9.65-1)
+3.16-jessie-security: released (3.16.51-1)
+3.2-wheezy-security: released (3.2.96-1)
-- 
cgit v1.2.3