diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2018-10-10 16:08:10 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2018-10-10 16:08:10 +0200 |
commit | e58840f1b07272348f16568187550f5c219ee2eb (patch) | |
tree | b971c0cfbc0ac9ff0560015a7861cbb6560c73ae /retired/CVE-2018-14641 | |
parent | 57b924820eb68766ff307bf9efd9f1d318dd0a34 (diff) |
retire more issues
Diffstat (limited to 'retired/CVE-2018-14641')
-rw-r--r-- | retired/CVE-2018-14641 | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/retired/CVE-2018-14641 b/retired/CVE-2018-14641 new file mode 100644 index 00000000..f53ec377 --- /dev/null +++ b/retired/CVE-2018-14641 @@ -0,0 +1,23 @@ +Description: ip: frags: fix crash in ip_do_fragment() +References: + https://www.openwall.com/lists/oss-security/2018/09/18/1 + https://bugzilla.redhat.com/show_bug.cgi?id=1629636 +Notes: + carnil> fa0f527358bd (4.19-rc1) is the introducing commit + carnil> beeing part of the (upstream) fixes for CVE-2018-5391. + carnil> There is no stable release which backported this + carnil> (without) 5d407b071dc3. In fact not yet either in + carnil> a 4.18.x or 4.9.x. + carnil> When upstream fixes for CVE-2018-5391 land in Debian + carnil> branch or are in a stable version, then 5d407b071dc3 + carnil> needs to be added to not make the CVE-2018-14641 + carnil> open. + carnil> For experimental suite technically it was affected + carnil> and fixed though with 4.19~rc4-1~exp1 upload. +Bugs: +upstream: released (4.19-rc4) [5d407b071dc369c26a38398326ee2be53651cfe4] +4.9-upstream-stable: N/A "fa0f527358bd not backported" +3.16-upstream-stable: N/A "fa0f527358bd not backported" +sid: N/A "Vulnerable code not present" +4.9-stretch-security: N/A "Vulnerable code not present" +3.16-jessie-security: N/A "Vulnerable code not present" |