From 3f1ac495684211f5c6c8bd5e8eac8d2b405dee68 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 2 May 2018 08:01:27 +0200
Subject: Retire several CVEs

---
 retired/CVE-2017-18193 | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 retired/CVE-2017-18193

(limited to 'retired/CVE-2017-18193')

diff --git a/retired/CVE-2017-18193 b/retired/CVE-2017-18193
new file mode 100644
index 00000000..18ebc724
--- /dev/null
+++ b/retired/CVE-2017-18193
@@ -0,0 +1,14 @@
+Description: f2fs: fix a bug caused by NULL extent tree
+References:
+Notes:
+ bwh> The extent tree was implemented in f2fs in 4.3, so I think the
+ bwh> vulnerability cannot be older than that.
+Bugs:
+upstream: released (v4.13-rc1) [dad48e73127ba10279ea33e6dbc8d3905c4d31c0]
+4.9-upstream-stable: released (4.9.86) [4a97b2d09d332c43612f489c99b97d691002b6d4]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.13.4-1)
+4.9-stretch-security: released (4.9.88-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
-- 
cgit v1.2.3