Retire several CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2018-05-02 08:01:27 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2018-05-02 08:01:27 +0200
commit: 3f1ac495684211f5c6c8bd5e8eac8d2b405dee68 (patch)
tree: 0bc18e11dc4f10760a099c6a1c90fa10dd1ccd96 /retired/CVE-2018-1108
parent: 658830538c79baf34e713b9d5c5e533168a65321 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2018-1108 b/retired/CVE-2018-1108
new file mode 100644
index 00000000..5aa26d2e
--- /dev/null
+++ b/retired/CVE-2018-1108
@@ -0,0 +1,17 @@
+Description: random: fix crng_ready() test
+References:
+Notes:
+ carnil> Commit message mentions as fixing commit for CVE-2018-1108
+ carnil> 43838a23a05fbd13e47d750d3dfd77001536dd33, and related commits
+ carnil> dc12baacb95f205948f64dc936a47d89ee110117 (needed for 4.13+)
+ carnil> and 8ef35c866f8862df074a49a93b0309725812dea8 (needed for 4.8+)
+ carnil> CVE-2018-1108 itself has "Cc: stable@kernel.org # 4.8+"
+Bugs:
+upstream: released (4.17-rc2) [43838a23a05fbd13e47d750d3dfd77001536dd33]
+4.9-upstream-stable: released (4.9.96) [4dfb3442bb7e1fb80515df4a199ca5a7a8edf900]
+3.16-upstream-stable: N/A "Vulnerable code not present"
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.16.5-1)
+4.9-stretch-security: released (4.9.88-1) [bugfix/all/random-fix-crng_ready-test.patch]
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2018-05-02 08:01:27 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2018-05-02 08:01:27 +0200
commit	3f1ac495684211f5c6c8bd5e8eac8d2b405dee68 (patch)
tree	0bc18e11dc4f10760a099c6a1c90fa10dd1ccd96 /retired/CVE-2018-1108
parent	658830538c79baf34e713b9d5c5e533168a65321 (diff)