Retire some CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2022-02-11 20:49:40 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-02-11 20:49:40 +0100
commit: 9cf335eee40b048fcb43bc0ab1888785aea3db97 (patch)
tree: e4f2422bcf78f3c7a812aebb33feefc733cf702e /retired/CVE-2022-24122
parent: f5d89cd1f3949a3ac013d86bef157aa8be877e6a (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/retired/CVE-2022-24122 b/retired/CVE-2022-24122
new file mode 100644
index 00000000..06c6eae3
--- /dev/null
+++ b/retired/CVE-2022-24122
@@ -0,0 +1,18 @@
+Description: ucount:  Make get_ucount a safe get_user replacement
+References:
+ https://www.openwall.com/lists/oss-security/2022/01/29/1
+Notes:
+ carnil> Introduced in v5.14-rc1 with merge of d64696905554
+ carnil> ("Reimplement RLIMIT_SIGPENDING on top of ucounts"),
+ carnil> 6e52a9f0532f ("Reimplement RLIMIT_MSGQUEUE on top of ucounts")
+ carnil> and d7c9e99aee48 ("Reimplement RLIMIT_MEMLOCK on top of
+ carnil> ucounts").
+Bugs:
+upstream: released (5.17-rc2) [f9d87929d451d3e649699d0f1d74f71f77ad38f5]
+5.10-upstream-stable: N/A "Vulnerable code not present"
+4.19-upstream-stable: N/A "Vulnerable code not present"
+4.9-upstream-stable: N/A "Vulnerable code not present"
+sid: released (5.15.15-2) [bugfix/all/ucount-Make-get_ucount-a-safe-get_user-replacement.patch]
+5.10-bullseye-security: N/A "Vulnerable code not present"
+4.19-buster-security: N/A "Vulnerable code not present"
+4.9-stretch-security: N/A "Vulnerable code not present"
author	Salvatore Bonaccorso <carnil@debian.org>	2022-02-11 20:49:40 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-02-11 20:49:40 +0100
commit	9cf335eee40b048fcb43bc0ab1888785aea3db97 (patch)
tree	e4f2422bcf78f3c7a812aebb33feefc733cf702e /retired/CVE-2022-24122
parent	f5d89cd1f3949a3ac013d86bef157aa8be877e6a (diff)