Update status for CVE-2022-3903

author: Salvatore Bonaccorso <carnil@debian.org> 2022-11-16 15:03:48 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-11-16 15:03:48 +0100
commit: c18a799a9c98466993eba043d900405fc7c1c886 (patch)
tree: 3de5bef690d50fb833a068802551df7574b52529 /active/CVE-2022-3903
parent: 8dda182819cb4b17975f1b2bef23c870e2818571 (diff)
1 files changed, 9 insertions, 4 deletions
diff --git a/active/CVE-2022-3903 b/active/CVE-2022-3903
index c5c8f109..608be1d8 100644
--- a/active/CVE-2022-3903
+++ b/active/CVE-2022-3903
@@ -4,10 +4,15 @@ References:
  https://lore.kernel.org/all/CAB7eexLLApHJwZfMQ=X-PtRhw0BgO+5KcSMS05FNUYejJXqtSA@mail.gmail.com/
  https://lore.kernel.org/all/E1obysd-009Grw-He@www.linuxtv.org/
 Notes:
+ carnil> Apparently the fix was already done in 6.0-rc4 with 608e58a0f461
+ carnil> ("media: mceusb: Use new usb_control_msg_*() routines") but
+ carnil> then changes lost and redone in 6.1-rc2. The former was
+ carnil> backported to various stable series. I'm not sure what happened
+ carnil> here.
 Bugs:
-upstream:
-5.10-upstream-stable:
+upstream: released (6.1-rc2) [41fd1cb6151439b205ac7611883d85ae14250172]
+5.10-upstream-stable: released (5.10.142) [587f793c64d99d92be8ef01c4c69d885a3f2edb6]
 4.19-upstream-stable:
-sid:
-5.10-bullseye-security:
+sid: released (5.19.11-1)
+5.10-bullseye-security: released (5.10.148-1)
 4.19-buster-security:
author	Salvatore Bonaccorso <carnil@debian.org>	2022-11-16 15:03:48 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-11-16 15:03:48 +0100
commit	c18a799a9c98466993eba043d900405fc7c1c886 (patch)
tree	3de5bef690d50fb833a068802551df7574b52529 /active/CVE-2022-3903
parent	8dda182819cb4b17975f1b2bef23c870e2818571 (diff)