From 3f1ac495684211f5c6c8bd5e8eac8d2b405dee68 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 2 May 2018 08:01:27 +0200
Subject: Retire several CVEs

---
 retired/CVE-2018-1065 | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 retired/CVE-2018-1065

(limited to 'retired/CVE-2018-1065')

diff --git a/retired/CVE-2018-1065 b/retired/CVE-2018-1065
new file mode 100644
index 00000000..0cb3b994
--- /dev/null
+++ b/retired/CVE-2018-1065
@@ -0,0 +1,16 @@
+Description: netfilter: xtables NULL pointer dereference in ip6_tables.c:ip6t_do_table() leading to a crash
+References:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1547824
+ http://lists.openwall.net/netdev/2018/01/27/46
+ http://patchwork.ozlabs.org/patch/870355/
+Notes:
+ carnil> Possibly introduced in 7814b6ec6d0d6 (4.3-rc1)
+Bugs:
+upstream: released (4.16-rc3) [57ebd808a97d7c5b1e1afb937c2db22beba3c1f8]
+4.9-upstream-stable: released (4.9.88) [f506da51bdf6602ec942f25d682a4de9b59760da]
+3.16-upstream-stable: N/A "Issue introduced later in 4.3-rc1 with 7814b6ec6d0d63444abdb49554166c8cfcbd063e"
+3.2-upstream-stable: N/A "Issue introduced later in 4.3-rc1 with 7814b6ec6d0d63444abdb49554166c8cfcbd063e"
+sid: released (4.15.11-1)
+4.9-stretch-security: released (4.9.88-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
-- 
cgit v1.2.3