From e58840f1b07272348f16568187550f5c219ee2eb Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Wed, 10 Oct 2018 16:08:10 +0200
Subject: retire more issues

---
 retired/CVE-2018-10938 | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 retired/CVE-2018-10938

(limited to 'retired/CVE-2018-10938')

diff --git a/retired/CVE-2018-10938 b/retired/CVE-2018-10938
new file mode 100644
index 00000000..b0a61352
--- /dev/null
+++ b/retired/CVE-2018-10938
@@ -0,0 +1,14 @@
+Description: Cipso: cipso_v4_optptr infinite loop
+References:
+ http://www.openwall.com/lists/oss-security/2018/08/27/1
+Notes:
+ carnil> Introduced by 04f81f0154e4bf002be6f4d85668ce1257efa4d9 (4.0-rc1)
+ carnil> We do not build the module, thus marked as severity unimportant
+ carnil> in the security-tracker itself.
+Bugs:
+upstream: released (4.13-rc5) [40413955ee265a5e42f710940ec78f5450d49149]
+4.9-upstream-stable: released (4.9.125) [e8e519f8ec33ce670abef2cfc0613ec26319841e]
+3.16-upstream-stable: N/A "Vulnerable code introduced later"
+sid: released (4.13.4-1)
+4.9-stretch-security: released (4.9.110-3+deb9u5) [bugfix/all/cipso-cipso_v4_optptr-enter-infinite-loop.patch]
+3.16-jessie-security: N/A "Vulnerable code not present"
-- 
cgit v1.2.3