From b2bc9515f1da143950891491c1ed00001352ad87 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Wed, 31 Jan 2018 19:05:26 +0100
Subject: Retire two issues

---
 retired/CVE-2017-17448 | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 retired/CVE-2017-17448

(limited to 'retired/CVE-2017-17448')

diff --git a/retired/CVE-2017-17448 b/retired/CVE-2017-17448
new file mode 100644
index 00000000..0096fcac
--- /dev/null
+++ b/retired/CVE-2017-17448
@@ -0,0 +1,15 @@
+Description: netfilter: nfnetlink_cthelper: Add missing permission checks
+References:
+ https://patchwork.kernel.org/patch/10089373/
+Notes:
+ bwh> This is mitigated in Debian by unprivileged user namespaces being
+ bwh> default-disabled.
+Bugs:
+upstream: released (4.15-rc4) [4b380c42f7d00a395feede754f0bc2292eebe6e5]
+4.9-upstream-stable: released (4.9.79) [2c3184ea80322347287bc7e57f782d77f478e73c]
+3.16-upstream-stable: released (3.16.52) [fad6474d43e985338e4c2b3bb1a7668cca1f041a]
+3.2-upstream-stable: N/A "User namespaces not supported"
+sid: released (4.14.7-1) [bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch]
+4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch]
+3.16-jessie-security: released (3.16.51-3+deb8u1) [bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch]
+3.2-wheezy-security: N/A "User namespaces not supported"
-- 
cgit v1.2.3