From 445ac2e64e4df30880b05328bec40aeb97b8af37 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 15 Feb 2018 19:38:44 +0100
Subject: Retire CVE-2018-1000028

---
 retired/CVE-2018-1000028 | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 retired/CVE-2018-1000028

(limited to 'retired/CVE-2018-1000028')

diff --git a/retired/CVE-2018-1000028 b/retired/CVE-2018-1000028
new file mode 100644
index 00000000..9bf3c070
--- /dev/null
+++ b/retired/CVE-2018-1000028
@@ -0,0 +1,17 @@
+Description: nfsd: auth: Fix gid sorting when rootsquash enabled
+References:
+Notes:
+ carnil> Introduced with bdcf0a423ea1 (4.15-rc4) and various
+ carnil> backports (4.14.8+, 4.9.76+).
+ carnil> When though fixing in stretch via new a version
+ carnil> >= 4.9.76 needs to apply a backport of
+ carnil> 1995266727fa8143897e89b55f5d3c79aa828420 as well.
+Bugs:
+upstream: released (4.15) [1995266727fa8143897e89b55f5d3c79aa828420]
+4.9-upstream-stable: released (4.9.79) [f12d0602633decf073796f3aaa59eec7ff2da9e2]
+3.16-upstream-stable: N/A "Vulnerable code introduced later"
+3.2-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (4.14.17-1)
+4.9-stretch-security: N/A "Vulnerable code introduced later"
+3.16-jessie-security: N/A "Vulnerable code introduced later"
+3.2-wheezy-security: N/A "Vulnerable code introduced later"
-- 
cgit v1.2.3