From 54e56f1daeaf9a010c9875ee2378587dd6f83757 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Moritz=20M=C3=BChlenhoff?= <mmuhlenhoff@wikimedia.org>
Date: Tue, 1 Aug 2023 20:00:56 +0200
Subject: retire three ntfs issues

---
 ignored/CVE-2018-12929 | 19 +++++++++++++++++++
 ignored/CVE-2018-12930 | 20 ++++++++++++++++++++
 ignored/CVE-2018-12931 | 20 ++++++++++++++++++++
 3 files changed, 59 insertions(+)
 create mode 100644 ignored/CVE-2018-12929
 create mode 100644 ignored/CVE-2018-12930
 create mode 100644 ignored/CVE-2018-12931

(limited to 'ignored')

diff --git a/ignored/CVE-2018-12929 b/ignored/CVE-2018-12929
new file mode 100644
index 00000000..cf4d4f64
--- /dev/null
+++ b/ignored/CVE-2018-12929
@@ -0,0 +1,19 @@
+Description: use-after-free in ntfs_read_locked_inode()
+References:
+Notes:
+ carnil> Upload for Debian disables NTFS_FS and marks it as BROKEN
+ jmm> Setting as ignored for upstream since dead/unmaintained and
+ jmm> ignored for all suites where it's marked as BROKEN
+Bugs:
+upstream: ignored
+6.1-upstream-stable: ignored
+5.10-upstream-stable: ignored
+4.19-upstream-stable: ignored
+4.9-upstream-stable: ignored "EOL"
+3.16-upstream-stable: ignored "ntfs is not supportable"
+sid: released (4.19.37-1) [debian/ntfs-mark-it-as-broken.patch]
+6.1-bookworm-security: N/A "Fixed before branch point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: ignored "EOL"
+3.16-jessie-security: ignored "ntfs is not supportable"
diff --git a/ignored/CVE-2018-12930 b/ignored/CVE-2018-12930
new file mode 100644
index 00000000..46a79bab
--- /dev/null
+++ b/ignored/CVE-2018-12930
@@ -0,0 +1,20 @@
+Description: out-of-bounds-write in ntfs_end_buffer_async_read()
+References:
+Notes:
+ jmm> Red Hat fixed that in RHSA-2019:0641
+ carnil> Upload for Debian disables NTFS_FS and marks it as BROKEN
+ jmm> Setting as ignored for upstream since dead/unmaintained and
+ jmm> ignored for all suites where it's marked as BROKEN
+Bugs:
+upstream: ignored
+6.1-upstream-stable: ignored
+5.10-upstream-stable: ignored
+4.19-upstream-stable: ignored
+4.9-upstream-stable: ignored "EOL"
+3.16-upstream-stable: ignored "ntfs is not supportable"
+sid: released (4.19.37-1) [debian/ntfs-mark-it-as-broken.patch]
+6.1-bookworm-security: N/A "Fixed before branch point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: ignored "EOL"
+3.16-jessie-security: ignored "ntfs is not supportable"
diff --git a/ignored/CVE-2018-12931 b/ignored/CVE-2018-12931
new file mode 100644
index 00000000..73648271
--- /dev/null
+++ b/ignored/CVE-2018-12931
@@ -0,0 +1,20 @@
+Description: out-of-bounds write in ntfs_attr_find()
+References:
+Notes:
+ jmm> Red Hat fixed that in RHSA-2019:0641
+ carnil> Upload for Debian disables NTFS_FS and marks it as BROKEN
+ jmm> Setting as ignored for upstream since dead/unmaintained and
+ jmm> ignored for all suites where it's marked as BROKEN
+Bugs:
+upstream: ignored
+6.1-upstream-stable: ignored
+5.10-upstream-stable: ignored
+4.19-upstream-stable: ignored
+4.9-upstream-stable: ignored "EOL"
+3.16-upstream-stable: ignored "ntfs is not supportable"
+sid: released (4.19.37-1) [debian/ntfs-mark-it-as-broken.patch]
+6.1-bookworm-security: N/A "Fixed before branch point"
+5.10-bullseye-security: N/A "Fixed before branching point"
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: ignored "EOL"
+3.16-jessie-security: ignored "ntfs is not supportable"
-- 
cgit v1.2.3