fix linux-4.9 entries

Most of these are already fixed in jessie, so having a jessie entry with unfixed is wrong. Rather than marking it as fixed, add the generic entry as removed and let the cross-reference do its job.
author: Emilio Pozuelo Monfort <pochu@debian.org> 2020-07-06 13:44:33 +0200
committer: Emilio Pozuelo Monfort <pochu@debian.org> 2020-07-06 13:44:33 +0200
commit: 704ca3d0ac3bf77271d1af3e1c3c7d81e3697114 (patch)
tree: b00737ba9b1f74641b39e8a9e50506dc96248d63 /data/CVE
parent: 24b57440e764eba20d504b1e802a0fad1542c204 (diff)
1 files changed, 13 insertions, 13 deletions
diff --git a/data/CVE/list b/data/CVE/list
index b707259dbc..ad68a2680c 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -113653,7 +113653,7 @@ CVE-2018-13099 (An issue was discovered in fs/f2fs/inline.c in the Linux kernel
 	{DSA-4308-1 DLA-1531-1}
 	- linux 4.18.10-1
 	[jessie] - linux <ignored> (Hard to backport and low priority outside of Android)
-	[jessie] - linux-4.9 <unfixed>
+	- linux-4.9 <removed>
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200179
 	NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=cc60e90f9bfab8d6a7fb826937e824333c3bf94a
 	NOTE: https://sourceforge.net/p/linux-f2fs/mailman/message/36356878/
@@ -113675,7 +113675,7 @@ CVE-2018-13096 (An issue was discovered in fs/f2fs/super.c in the Linux kernel t
 	- linux 4.19.9-1
 	[stretch] - linux 4.9.144-1
 	[jessie] - linux <ignored> (Hard to backport and low priority outside of Android)
-	[jessie] - linux-4.9 <unfixed>
+	- linux-4.9 <removed>
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200167
 	NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=e335cc683fd13882b9152937b06ff3c16c28aa34
 CVE-2018-13095 (An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux  ...)
@@ -113687,7 +113687,7 @@ CVE-2018-13094 (An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the
 	{DLA-2114-1 DLA-1529-1}
 	- linux 4.17.14-1
 	[stretch] - linux 4.9.210-1
-	[jessie] - linux-4.9 <unfixed>
+	- linux-4.9 <removed>
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199969
 	NOTE: https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a
 CVE-2018-13093 (An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel thr ...)
@@ -113780,7 +113780,7 @@ CVE-2018-13053 (The alarm_timer_nsleep function in kernel/time/alarmtimer.c in t
 	{DLA-1731-1 DLA-1715-1}
 	- linux 4.18.20-1
 	[stretch] - linux 4.9.135-1
-	[jessie] - linux-4.9 <unfixed>
+	- linux-4.9 <removed>
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=200303
 	NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=5f936e19cc0ef97dbe3a56e9498922ad5ba1edef
 CVE-2018-13052 (In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privileg ...)
@@ -114087,7 +114087,7 @@ CVE-2018-12928 (In the Linux kernel 4.15.0, a NULL pointer dereference was disco
 	- linux <unfixed> (low)
 	[buster] - linux <ignored> (Minor issue)
 	[stretch] - linux <ignored> (Minor issue)
-	[jessie] - linux-4.9 <unfixed>
+	- linux-4.9 <removed>
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763384
 	NOTE: https://marc.info/?l=linux-fsdevel&m=152407263325766&w=2
 CVE-2018-12927 (Northern Electric &amp; Power (NEP) inverter devices allow remote atta ...)
@@ -120778,7 +120778,7 @@ CVE-2018-10682 (** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final.
 	- wildfly <itp> (bug #752018)
 CVE-2016-10723 (** DISPUTED ** An issue was discovered in the Linux kernel through 4.1 ...)
 	- linux <unfixed>
-	[jessie] - linux-4.9 <unfixed>
+	- linux-4.9 <removed>
 	NOTE: https://patchwork.kernel.org/patch/10395909/
 CVE-2016-10722 (partclone.fat in Partclone before 0.2.88 is prone to a heap-based buff ...)
 	- partclone 0.2.88-1
@@ -121676,7 +121676,7 @@ CVE-2018-10322 (The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c
 	- linux 4.16.5-1
 	[jessie] - linux <ignored> (dinode verifier not implemented)
 	[wheezy] - linux <ignored> (dinode verifier not implemented)
-	[jessie] - linux-4.9 <unfixed>
+	- linux-4.9 <removed>
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199377
 CVE-2018-10321 (Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Ad ...)
 	NOT-FOR-US: Frog CMS
@@ -124968,7 +124968,7 @@ CVE-2017-18249 (The add_free_nid function in fs/f2fs/node.c in the Linux kernel
 	[stretch] - linux 4.9.144-1
 	[jessie] - linux <ignored> (Hard to backport and low priority outside of Android)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
-	[jessie] - linux-4.9 <unfixed>
+	- linux-4.9 <removed>
 	NOTE: Fixed by: https://git.kernel.org/linus/30a61ddf8117c26ac5b295e1233eaa9629a94ca3
 CVE-2017-18248 (The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-B ...)
 	{DLA-1412-1 DLA-1387-1}
@@ -125936,7 +125936,7 @@ CVE-2017-18232 (The Serial Attached SCSI (SAS) implementation in the Linux kerne
 	[stretch] - linux <ignored> (Minor issue)
 	[jessie] - linux <ignored> (Minor issue)
 	[wheezy] - linux <not-affected> (Vulnerability introduced later)
-	[jessie] - linux-4.9 <unfixed>
+	- linux-4.9 <removed>
 	NOTE: Fixed by: https://git.kernel.org/linus/0558f33c06bb910e2879e355192227a8e8f0219d
 CVE-2018-8717 (joyplus-cms 1.6.0 has CSRF, as demonstrated by adding an administrator ...)
 	NOT-FOR-US: joyplus-cms
@@ -128173,7 +128173,7 @@ CVE-2018-7756 (RunExeFile.exe in the installer for DEWESoft X3 SP1 (64-bit) devi
 CVE-2018-7755 (An issue was discovered in the fd_locked_ioctl function in drivers/blo ...)
 	{DSA-4308-1 DLA-1531-1 DLA-1529-1}
 	- linux 4.18.10-1
-	[jessie] - linux-4.9 <unfixed>
+	- linux-4.9 <removed>
 	NOTE: https://lkml.org/lkml/2018/5/29/495
 CVE-2018-7754 (The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the ...)
 	- linux 4.15.4-1
@@ -129982,7 +129982,7 @@ CVE-2018-7273 (In the Linux kernel through 4.15.4, the floppy driver reveals the
 	[stretch] - linux <ignored> (Minor issue)
 	[jessie] - linux <ignored> (Minor issue)
 	[wheezy] - linux <ignored> (Minor issue)
-	[jessie] - linux-4.9 <unfixed>
+	- linux-4.9 <removed>
 	NOTE: https://lkml.org/lkml/2018/2/20/669
 CVE-2018-7272 (The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as par ...)
 	NOT-FOR-US: ForgeRock AM
@@ -132755,7 +132755,7 @@ CVE-2018-1000026 (Linux Linux kernel version at least v4.8 onwards, probably wel
 	- linux 4.16.5-1
 	[stretch] - linux 4.9.161-1
 	[jessie] - linux <ignored> (Minor issue, requires core networking changes)
-	[jessie] - linux-4.9 <unfixed>
+	- linux-4.9 <removed>
 	NOTE: https://patchwork.ozlabs.org/patch/859410/
 	NOTE: http://lists.openwall.net/netdev/2018/01/16/40
 	NOTE: http://lists.openwall.net/netdev/2018/01/18/96
@@ -205270,7 +205270,7 @@ CVE-2016-8660 (The XFS subsystem in the Linux kernel through 4.8.2 allows local
 	- linux <unfixed> (low)
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
-	[jessie] - linux-4.9 <unfixed> (low)
+	- linux-4.9 <removed> (low)
 CVE-2016-8659 (Bubblewrap before 0.1.3 sets the PR_SET_DUMPABLE flag, which might all ...)
 	- bubblewrap 0.1.2-2 (bug #840605)
 	NOTE: https://github.com/projectatomic/bubblewrap/issues/107
author	Emilio Pozuelo Monfort <pochu@debian.org>	2020-07-06 13:44:33 +0200
committer	Emilio Pozuelo Monfort <pochu@debian.org>	2020-07-06 13:44:33 +0200
commit	704ca3d0ac3bf77271d1af3e1c3c7d81e3697114 (patch)
tree	b00737ba9b1f74641b39e8a9e50506dc96248d63 /data/CVE
parent	24b57440e764eba20d504b1e802a0fad1542c204 (diff)