Merge fixes for CVEs for src:linux in stretch

author: Salvatore Bonaccorso <carnil@debian.org> 2020-02-07 09:13:48 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-02-07 10:33:54 +0100
commit: b4e536f2baf8d54bd32241cd175d66c2654f1e16 (patch)
tree: de38257f958f5752b651506bd6395491f3c37b33 /data
parent: 62c8c78db0a140088511630b3099b3b290ee1065 (diff)
2 files changed, 66 insertions, 133 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 97c025a4ea..882afa6118 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -10957,6 +10957,7 @@ CVE-2019-20097 (Bitbucket Server and Bitbucket Data Center versions starting fro
 CVE-2019-20096 (In the Linux kernel before 5.1, there is a memory leak in __feat_regis ...)
 	- linux 5.2.6-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux 3.16.72-1
 	NOTE: https://git.kernel.org/linus/1d3ff0950e2b40dc861b1739029649d03f591820
 CVE-2019-20095 (mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in t ...)
@@ -11294,6 +11295,7 @@ CVE-2019-19965 (In the Linux kernel through 5.4.6, there is a NULL pointer deref
 	{DLA-2068-1}
 	- linux 5.4.13-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/f70267f379b5e5e11bdc5d72a56bf17e5feed01f
 CVE-2019-19964
 	RESERVED
@@ -11374,6 +11376,7 @@ CVE-2019-19947 (In the Linux kernel through 5.4.6, there are information leaks o
 	{DLA-2068-1}
 	- linux 5.4.8-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/da2311a6385c3b499da2ed5d9be59ce331fa93e9
 CVE-2019-19946
 	RESERVED
@@ -13555,6 +13558,7 @@ CVE-2019-19767 (The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize
 	{DLA-2068-1}
 	- linux 5.3.15-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/4ea99936a1630f51fc3a2d61a58ec4a1c4b7d55a
 CVE-2019-19766 (The Bitwarden server through 1.32.0 has a potentially unwanted KDF. ...)
 	NOT-FOR-US: Bitwarden server
@@ -16506,41 +16510,49 @@ CVE-2019-19537 (In the Linux kernel before 5.2.10, there is a race condition bug
 	{DLA-2068-1}
 	- linux 5.2.17-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/303911cfc5b95d33687d9046133ff184cf5043ff
 CVE-2019-19536 (In the Linux kernel before 5.2.9, there is an info-leak bug that can b ...)
 	{DLA-2068-1}
 	- linux 5.2.9-1
 	[buster] - linux 4.19.67-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/ead16e53c2f0ed946d82d4037c630e2f60f4ab69
 CVE-2019-19535 (In the Linux kernel before 5.2.9, there is an info-leak bug that can b ...)
 	- linux 5.2.9-1
 	[buster] - linux 4.19.67-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/30a8beeb3042f49d0537b7050fd21b490166a3d9
 CVE-2019-19534 (In the Linux kernel before 5.3.11, there is an info-leak bug that can  ...)
 	{DLA-2068-1}
 	- linux 5.3.15-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/f7a1337f0d29b98733c8824e165fca3371d7d4fd
 CVE-2019-19533 (In the Linux kernel before 5.3.4, there is an info-leak bug that can b ...)
 	{DLA-2068-1}
 	- linux 5.3.7-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/a10feaf8c464c3f9cfdd3a8a7ce17e1c0d498da1
 CVE-2019-19532 (In the Linux kernel before 5.3.9, there are multiple out-of-bounds wri ...)
 	{DLA-2068-1}
 	- linux 5.3.9-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/d9d4b1e46d9543a82c23f6df03f4ad697dab361b
 CVE-2019-19531 (In the Linux kernel before 5.2.9, there is a use-after-free bug that c ...)
 	{DLA-2068-1}
 	- linux 5.2.9-1
 	[buster] - linux 4.19.67-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/fc05481b2fcabaaeccf63e32ac1baab54e5b6963
 CVE-2019-19530 (In the Linux kernel before 5.2.10, there is a use-after-free bug that  ...)
 	{DLA-2068-1}
 	- linux 5.2.17-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/c52873e5a1ef72f845526d9f6a50704433f9c625
 CVE-2019-19529 (In the Linux kernel before 5.3.11, there is a use-after-free bug that  ...)
 	- linux 5.3.15-1
@@ -16558,6 +16570,7 @@ CVE-2019-19527 (In the Linux kernel before 5.2.10, there is a use-after-free bug
 	{DLA-2068-1}
 	- linux 5.2.17-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/6d4472d7bec39917b54e4e80245784ea5d60ce49
 	NOTE: https://git.kernel.org/linus/9c09b214f30e3c11f9b0b03f89442df03643794d
 CVE-2019-19526 (In the Linux kernel before 5.3.9, there is a use-after-free bug that c ...)
@@ -16569,17 +16582,20 @@ CVE-2019-19526 (In the Linux kernel before 5.3.9, there is a use-after-free bug
 CVE-2019-19525 (In the Linux kernel before 5.3.6, there is a use-after-free bug that c ...)
 	- linux 5.3.7-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/7fd25e6fc035f4b04b75bca6d7e8daa069603a76
 CVE-2019-19524 (In the Linux kernel before 5.3.12, there is a use-after-free bug that  ...)
 	{DLA-2068-1}
 	- linux 5.3.15-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/fa3a5a1880c91bb92594ad42dfe9eedad7996b86
 CVE-2019-19523 (In the Linux kernel before 5.3.7, there is a use-after-free bug that c ...)
 	{DLA-2068-1}
 	- linux 5.3.7-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/44efc269db7929f6275a1fa927ef082e533ecde0
 CVE-2019-19522 (OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey aut ...)
 	NOT-FOR-US: OpenBSD
@@ -17130,6 +17146,7 @@ CVE-2019-19448 (In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs
 CVE-2019-19447 (In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image,  ...)
 	- linux 5.4.6-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447
 	NOTE: https://git.kernel.org/linus/c7df4a1ecb8579838ec8c56b2bb6a6716e974f37
 CVE-2019-19446
@@ -17647,6 +17664,7 @@ CVE-2019-19332 (An out-of-bounds memory write issue was found in the Linux Kerne
 	{DLA-2068-1}
 	- linux 5.4.6-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/433f4ba1904100da65a311033f17a9bf586b287e
 CVE-2019-19331 (knot-resolver before version 4.3.0 is vulnerable to denial of service  ...)
 	- knot-resolver <unfixed> (bug #946181)
@@ -17964,6 +17982,7 @@ CVE-2019-19227 (In the AppleTalk subsystem in the Linux kernel before 5.1, there
 	{DLA-2068-1}
 	- linux 5.2.6-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/9804501fa1228048857910a6bf23e085aade37cc
 CVE-2019-19226
 	RESERVED
@@ -18373,6 +18392,7 @@ CVE-2019-19069 (A memory leak in the fastrpc_dma_buf_attach() function in driver
 CVE-2019-19068 (A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net ...)
 	- linux 5.4.13-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 CVE-2019-19067 (** DISPUTED ** Four memory leaks in the acp_hw_init() function in driv ...)
 	- linux 5.3.9-1 (unimportant)
@@ -18381,6 +18401,7 @@ CVE-2019-19066 (A memory leak in the bfad_im_get_stats() function in drivers/scs
 	{DLA-2068-1}
 	- linux 5.4.13-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 CVE-2019-19065 (A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi ...)
 	- linux 5.3.9-1
 	[buster] - linux 4.19.87-1
@@ -18392,10 +18413,12 @@ CVE-2019-19064 (** DISPUTED ** A memory leak in the fsl_lpspi_probe() function i
 CVE-2019-19063 (Two memory leaks in the rtl_usb_probe() function in drivers/net/wirele ...)
 	- linux 5.4.8-1 (unimportant)
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 CVE-2019-19062 (A memory leak in the crypto_report() function in crypto/crypto_user_ba ...)
 	{DLA-2068-1}
 	- linux 5.4.6-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 CVE-2019-19061 (A memory leak in the adis_update_scan_mode_burst() function in drivers ...)
 	- linux 5.3.9-1 (unimportant)
 	NOTE: https://git.kernel.org/linus/9c0530e898f384c5d279bfcebd8bb17af1105873
@@ -18419,10 +18442,12 @@ CVE-2019-19057 (Two memory leaks in the mwifiex_pcie_init_evt_ring() function in
 	{DLA-2068-1}
 	- linux 5.4.8-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 CVE-2019-19056 (A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drive ...)
 	{DLA-2068-1}
 	- linux 5.4.13-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 CVE-2019-19055 (** DISPUTED ** A memory leak in the nl80211_get_ftm_responder_stats()  ...)
 	- linux 5.4.6-1 (unimportant)
 	[buster] - linux <not-affected> (Vulnerable code introduced later)
@@ -18441,11 +18466,13 @@ CVE-2019-19052 (A memory leak in the gs_can_open() function in drivers/net/can/u
 	{DLA-2068-1}
 	- linux 5.3.15-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/fb5be6a7b4863ecc44963bb80ca614584b6c7817
 CVE-2019-19051 (A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/ ...)
 	{DLA-2068-1}
 	- linux 5.3.15-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/6f3ef5c25cc762687a7341c18cbea5af54461407
 CVE-2019-19050 (A memory leak in the crypto_reportstat() function in crypto/crypto_use ...)
 	- linux <unfixed>
@@ -18454,6 +18481,7 @@ CVE-2019-19050 (A memory leak in the crypto_reportstat() function in crypto/cryp
 CVE-2019-19049 (** DISPUTED ** A memory leak in the unittest_data_add() function in dr ...)
 	- linux 5.3.15-1 (unimportant)
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/e13de8fe0d6a51341671bbe384826d527afe8d44
 	NOTE: unittest.c can only be reached during boot.
 CVE-2019-19048 (A memory leak in the crypto_reportstat() function in drivers/virt/vbox ...)
@@ -18501,6 +18529,7 @@ CVE-2019-19038
 CVE-2019-19037 (ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 a ...)
 	- linux 5.4.8-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux <not-affected> (Vulnerability introduced later)
 CVE-2019-19036 (btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 ...)
 	- linux <unfixed>
@@ -19058,6 +19087,7 @@ CVE-2019-18810 (A memory leak in the komeda_wb_connector_add() function in drive
 CVE-2019-18809 (A memory leak in the af9005_identify_state() function in drivers/media ...)
 	- linux 5.4.13-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux <not-affected> (Bug introduced later)
 CVE-2019-18808 (A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ ...)
 	- linux <unfixed> (unimportant)
@@ -19071,6 +19101,7 @@ CVE-2019-18807 (Two memory leaks in the sja1105_static_config_upload() function
 CVE-2019-18806 (A memory leak in the ql_alloc_large_buffers() function in drivers/net/ ...)
 	- linux 5.3.7-1 (unimportant)
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/1acb8f2a7a9f10543868ddd737e37424d5c36cf4
 CVE-2019-18805 (An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux ker ...)
 	- linux 5.2.6-1
@@ -21564,6 +21595,7 @@ CVE-2019-18676 (An issue was discovered in Squid 3.x and 4.x through 4.8. Due to
 CVE-2019-18683 (An issue was discovered in drivers/media/platform/vivid in the Linux k ...)
 	- linux 5.3.15-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://www.openwall.com/lists/oss-security/2019/11/02/1
 CVE-2019-18675 (The Linux kernel through 5.3.13 has a start_offset+size Integer Overfl ...)
@@ -21602,6 +21634,7 @@ CVE-2019-18661 (Fastweb FASTGate 1.0.1b devices allow partial authentication byp
 CVE-2019-18660 (The Linux kernel before 5.4.1 on powerpc allows Information Exposure b ...)
 	- linux 5.3.15-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux <ignored> (powerpc not supported in LTS)
 	NOTE: https://www.openwall.com/lists/oss-security/2019/11/27/1
 CVE-2019-18659 (The Wireless Emergency Alerts (WEA) protocol allows remote attackers t ...)
@@ -22723,6 +22756,7 @@ CVE-2019-18283 (A vulnerability has been identified in SPPA-T3000 Application Se
 CVE-2019-18282 (The flow_dissector feature in the Linux kernel 4.3 through 5.x before  ...)
 	- linux 5.3.15-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux <not-affected> (Vulnerability introduced later)
 	NOTE: https://git.kernel.org/linus/55667441c84fa5e0911a0aac44fb059c15ba6da2
 CVE-2019-18281 (An out-of-bounds memory access in the generateDirectionalRuns() functi ...)
@@ -23885,6 +23919,7 @@ CVE-2020-0031
 CVE-2020-0030
 	RESERVED
 	- linux 4.15.11-1
+	[stretch] - linux 4.9.210-1
 	NOTE: Fixed by: https://git.kernel.org/linus/5eeb2ca02a2f6084fc57ae5c244a38baab07033a
 CVE-2020-0029
 	RESERVED
@@ -24996,6 +25031,7 @@ CVE-2019-17666 (rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in t
 	{DLA-2068-1}
 	- linux 5.3.9-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://lkml.org/lkml/2019/10/16/1226
 CVE-2019-17665 (NSA Ghidra before 9.0.2 is vulnerable to DLL hijacking because it load ...)
 	- ghidra <itp> (bug #923851)
@@ -26509,6 +26545,7 @@ CVE-2019-17133 (In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in
 	{DLA-2068-1}
 	- linux 5.3.9-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://marc.info/?l=linux-wireless&m=157018270915487&w=2
 CVE-2019-17129
 	RESERVED
@@ -26638,6 +26675,7 @@ CVE-2019-17076 (An issue was discovered in Jamf Pro 9.x and 10.x before 10.15.1.
 CVE-2019-17075 (An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cx ...)
 	- linux 5.3.7-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux <ignored> (Not a problem in practice)
 	NOTE: https://lore.kernel.org/lkml/20191001165611.GA3542072@kroah.com
 CVE-2019-17074 (An issue was discovered in XunRuiCMS 4.3.1. There is a stored XSS in t ...)
@@ -26690,26 +26728,31 @@ CVE-2019-17056 (llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network mo
 	{DLA-2068-1}
 	- linux 5.3.7-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/3a359798b176183ef09efb7a3dc59abad1cc7104
 CVE-2019-17055 (base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network ...)
 	{DLA-2068-1}
 	- linux 5.3.7-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/b91ee4aa2a2199ba4d4650706c272985a5a32d80
 CVE-2019-17054 (atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module ...)
 	{DLA-2068-1}
 	- linux 5.3.7-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/6cc03e8aa36c51f3b26a0d21a3c4ce2809c842ac
 CVE-2019-17053 (ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 netw ...)
 	{DLA-2068-1}
 	- linux 5.3.7-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/e69dbd4619e7674c1679cba49afd9dd9ac347eef
 CVE-2019-17052 (ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the ...)
 	{DLA-2068-1}
 	- linux 5.3.7-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/0614e2b73768b502fc32a75349823356d98aae2c
 CVE-2019-17051 (Evernote before 7.13 GA on macOS allows code execution because the com ...)
 	NOT-FOR-US: Evernote
@@ -27708,6 +27751,7 @@ CVE-2019-16746 (An issue was discovered in net/wireless/nl80211.c in the Linux k
 	{DLA-2068-1}
 	- linux 5.3.7-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://marc.info/?l=linux-wireless&m=156901391225058&w=2
 CVE-2019-16727
 	RESERVED
@@ -29955,6 +29999,7 @@ CVE-2018-21009 (Poppler before 0.66.0 has an integer overflow in Parser::makeStr
 CVE-2018-21008 (An issue was discovered in the Linux kernel before 4.16.7. A use-after ...)
 	{DLA-1930-1}
 	- linux 4.18.6-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/abd39c6ded9db53aa44c2540092bdd5fb6590fa8
 CVE-2017-18595 (An issue was discovered in the Linux kernel before 4.14.11. A double f ...)
 	- linux 4.14.12-1
@@ -30001,6 +30046,7 @@ CVE-2019-15918 (An issue was discovered in the Linux kernel before 5.0.10. SMB2_
 CVE-2019-15917 (An issue was discovered in the Linux kernel before 5.0.5. There is a u ...)
 	{DLA-1930-1}
 	- linux 4.19.37-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/56897b217a1d0a91c9920cb418d6b3fe922f590a
 CVE-2019-15916 (An issue was discovered in the Linux kernel before 5.0.1. There is a m ...)
 	- linux 4.19.28-1
@@ -31260,6 +31306,7 @@ CVE-2019-15505 (drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel t
 	{DLA-2068-1}
 	- linux 5.2.17-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 CVE-2019-15504 (drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2 ...)
 	- linux 5.2.17-1
 	[buster] - linux 4.19.87-1
@@ -31953,6 +32000,7 @@ CVE-2019-15291 (An issue was discovered in the Linux kernel through 5.2.9. There
 	{DLA-2068-1}
 	- linux 5.3.15-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://www.openwall.com/lists/oss-security/2019/08/20/2
 CVE-2019-15290
 	REJECTED
@@ -32034,6 +32082,7 @@ CVE-2019-15217 (An issue was discovered in the Linux kernel before 5.2.3. There
 	{DLA-2068-1}
 	- linux 5.2.6-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/5d2e73a5f80a5b5aff3caf1ec6d39b5b3f54b26e
 CVE-2019-15216 (An issue was discovered in the Linux kernel before 5.0.14. There is a  ...)
 	{DLA-1919-1 DLA-1884-1}
@@ -32307,6 +32356,7 @@ CVE-2019-15149 (** DISPUTED ** core.py in Mitogen before 0.2.8 has a typo that d
 CVE-2018-20976 (An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel befo ...)
 	{DLA-1930-1}
 	- linux 4.18.6-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/c9fbd7bbc23dbdd73364be4d045e5d3612cf6e82
 CVE-2017-18552 (An issue was discovered in net/rds/af_rds.c in the Linux kernel before ...)
 	- linux 4.11.6-1
@@ -32623,6 +32673,7 @@ CVE-2019-15098 (drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel throug
 	{DLA-2068-1}
 	- linux 5.3.7-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://lore.kernel.org/linux-wireless/20190804002905.11292-1-benquike@gmail.com/T/#u
 CVE-2019-15090 (An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux k ...)
 	- linux 5.2.6-1
@@ -32792,6 +32843,7 @@ CVE-2019-15031 (In the Linux kernel through 5.2.14 on the powerpc platform, a lo
 CVE-2019-15030 (In the Linux kernel through 5.2.14 on the powerpc platform, a local us ...)
 	- linux 5.2.17-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/8205d5d98ef7f155de211f5e2eb6ca03d95a5a60
 CVE-2019-15029 (FusionPBX 4.4.8 allows an attacker to execute arbitrary system command ...)
@@ -33287,6 +33339,7 @@ CVE-2019-14901 (A heap overflow flaw was found in the Linux kernel, all versions
 	{DLA-2068-1}
 	- linux 5.4.13-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://www.openwall.com/lists/oss-security/2019/11/22/2
 CVE-2019-14900
 	RESERVED
@@ -33299,16 +33352,19 @@ CVE-2019-14897 (A stack-based buffer overflow was found in the Linux kernel, ver
 	{DLA-2068-1}
 	- linux <unfixed>
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://www.openwall.com/lists/oss-security/2019/11/22/1
 CVE-2019-14896 (A heap-based buffer overflow vulnerability was found in the Linux kern ...)
 	{DLA-2068-1}
 	- linux <unfixed>
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://www.openwall.com/lists/oss-security/2019/11/22/1
 CVE-2019-14895 (A heap-based buffer overflow was discovered in the Linux kernel, all v ...)
 	{DLA-2068-1}
 	- linux 5.4.13-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://www.openwall.com/lists/oss-security/2019/11/22/1
 CVE-2019-14894
 	RESERVED
@@ -33710,15 +33766,18 @@ CVE-2019-14816 (There is heap-based buffer overflow in kernel, all versions up t
 	{DLA-1930-1}
 	- linux 5.2.17-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 CVE-2019-14815 (A vulnerability was found in Linux Kernel, where a Heap Overflow was f ...)
 	{DLA-1930-1}
 	- linux 5.2.17-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux <not-affected> (Vulnerability introduced later)
 CVE-2019-14814 (There is heap-based buffer overflow in Linux kernel, all versions up t ...)
 	{DLA-1930-1}
 	- linux 5.2.17-1
 	[buster] - linux 4.19.87-1
+	[stretch] - linux 4.9.210-1
 CVE-2019-14813 (A flaw was found in ghostscript, versions 9.x before 9.50, in the sets ...)
 	{DSA-4518-1 DLA-1915-1}
 	- ghostscript 9.28~~rc2~dfsg-1
@@ -34273,6 +34332,7 @@ CVE-2019-14616
 CVE-2019-14615 (Insufficient control flow in certain data structures for some Intel(R) ...)
 	- linux 5.4.13-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux <not-affected> (Driver doesn't support this hardware)
 	NOTE: https://git.kernel.org/linus/bc8a76a152c5f9ef3b48104154a65a68a8b76946
 CVE-2019-14614
@@ -41365,6 +41425,7 @@ CVE-2019-12615 (An issue was discovered in get_vdev_port_node_info in arch/sparc
 CVE-2019-12614 (An issue was discovered in dlpar_parse_cc_property in arch/powerpc/pla ...)
 	- linux 5.3.7-1 (unimportant)
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://lkml.org/lkml/2019/6/3/526
 	NOTE: This is a potential null pointer dereference that looks like it can
 	NOTE: only be invoked by root or the hypervisor.  Probably no security impact.
@@ -47937,6 +47998,7 @@ CVE-2019-10220 (Linux kernel CIFS implementation, version 4.9.0 is vulnerable to
 	{DLA-2068-1}
 	- linux 5.3.9-1
 	[buster] - linux 4.19.98-1
+	[stretch] - linux 4.9.210-1
 CVE-2019-10219 (A vulnerability was found in Hibernate-Validator. The SafeHtml validat ...)
 	- libhibernate-validator-java <unfixed> (bug #948235)
 	[buster] - libhibernate-validator-java <not-affected> (Vulnerable code was introduced later.)
@@ -71030,6 +71092,7 @@ CVE-2019-2216
 CVE-2019-2215 (A use-after-free in binder.c allows an elevation of privilege from an  ...)
 	{DLA-2068-1}
 	- linux 4.15.4-1
+	[stretch] - linux 4.9.210-1
 	NOTE: Fixed by: https://git.kernel.org/linus/f5cb779ba16334b45ba8946d6bfa6d9834d1527f
 CVE-2019-2214 (In binder_transaction of binder.c, there is a possible out of bounds w ...)
 	- linux 5.2.6-1
@@ -77624,7 +77687,7 @@ CVE-2019-0136 (Insufficient access control in the Intel(R) PROSet/Wireless WiFi
 	{DLA-1930-1 DLA-1919-1}
 	- linux 5.2.6-1
 	[buster] - linux 4.19.67-1
-	[stretch] - linux 4.9.185-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://git.kernel.org/linus/79c92ca42b5a3e0ea172ea2ce8df8e125af237da
 	NOTE: https://git.kernel.org/linus/588f7d39b3592a36fb7702ae3b8bdd9be4621e2f
 CVE-2019-0135 (Improper permissions in the installer for Intel(R) Accelerated Storage ...)
@@ -93757,12 +93820,14 @@ CVE-2018-13095 (An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the
 CVE-2018-13094 (An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux  ...)
 	{DLA-1529-1}
 	- linux 4.17.14-1
+	[stretch] - linux 4.9.210-1
 	[jessie] - linux-4.9 <unfixed>
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199969
 	NOTE: https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a
 CVE-2018-13093 (An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel thr ...)
 	{DLA-1529-1}
 	- linux 4.17.14-1
+	[stretch] - linux 4.9.210-1
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=199367
 	NOTE: https://git.kernel.org/pub/scm/fs/xfs/xfs-linux.git/commit/?h=for-next&id=afca6c5b2595fc44383919fba740c194b0b76aff
 CVE-2018-13092 (The mintToken function of a smart contract implementation for Reimburs ...)
diff --git a/data/next-oldstable-point-update.txt b/data/next-oldstable-point-update.txt
index 52918aa9e7..9d7bca7eb0 100644
--- a/data/next-oldstable-point-update.txt
+++ b/data/next-oldstable-point-update.txt
@@ -130,138 +130,6 @@ CVE-2016-10894
 	[stretch] - xtrlock 2.8+deb9u1
 CVE-2019-16275
 	[stretch] - wpa 2:2.4-1+deb9u5
-CVE-2018-13093
-	[stretch] - linux 4.9.210-1
-CVE-2018-13094
-	[stretch] - linux 4.9.210-1
-CVE-2018-20976
-	[stretch] - linux 4.9.210-1
-CVE-2018-21008
-	[stretch] - linux 4.9.210-1
-CVE-2019-0136
-	[stretch] - linux 4.9.210-1
-CVE-2019-10220
-	[stretch] - linux 4.9.210-1
-CVE-2019-14615
-	[stretch] - linux 4.9.210-1
-CVE-2019-14814
-	[stretch] - linux 4.9.210-1
-CVE-2019-14815
-	[stretch] - linux 4.9.210-1
-CVE-2019-14816
-	[stretch] - linux 4.9.210-1
-CVE-2019-14895
-	[stretch] - linux 4.9.210-1
-CVE-2019-14896
-	[stretch] - linux 4.9.210-1
-CVE-2019-14897
-	[stretch] - linux 4.9.210-1
-CVE-2019-14901
-	[stretch] - linux 4.9.210-1
-CVE-2019-15030
-	[stretch] - linux 4.9.210-1
-CVE-2019-15098
-	[stretch] - linux 4.9.210-1
-CVE-2019-15217
-	[stretch] - linux 4.9.210-1
-CVE-2019-15291
-	[stretch] - linux 4.9.210-1
-CVE-2019-15505
-	[stretch] - linux 4.9.210-1
-CVE-2019-15917
-	[stretch] - linux 4.9.210-1
-CVE-2019-16746
-	[stretch] - linux 4.9.210-1
-CVE-2019-17052
-	[stretch] - linux 4.9.210-1
-CVE-2019-17053
-	[stretch] - linux 4.9.210-1
-CVE-2019-17054
-	[stretch] - linux 4.9.210-1
-CVE-2019-17055
-	[stretch] - linux 4.9.210-1
-CVE-2019-17056
-	[stretch] - linux 4.9.210-1
-CVE-2019-17075
-	[stretch] - linux 4.9.210-1
-CVE-2019-17133
-	[stretch] - linux 4.9.210-1
-CVE-2019-17666
-	[stretch] - linux 4.9.210-1
-CVE-2019-18282
-	[stretch] - linux 4.9.210-1
-CVE-2019-18660
-	[stretch] - linux 4.9.210-1
-CVE-2019-18683
-	[stretch] - linux 4.9.210-1
-CVE-2019-18806
-	[stretch] - linux 4.9.210-1
-CVE-2019-18809
-	[stretch] - linux 4.9.210-1
-CVE-2019-19037
-	[stretch] - linux 4.9.210-1
-CVE-2019-19049
-	[stretch] - linux 4.9.210-1
-CVE-2019-19051
-	[stretch] - linux 4.9.210-1
-CVE-2019-19052
-	[stretch] - linux 4.9.210-1
-CVE-2019-19056
-	[stretch] - linux 4.9.210-1
-CVE-2019-19057
-	[stretch] - linux 4.9.210-1
-CVE-2019-19062
-	[stretch] - linux 4.9.210-1
-CVE-2019-19063
-	[stretch] - linux 4.9.210-1
-CVE-2019-19066
-	[stretch] - linux 4.9.210-1
-CVE-2019-19068
-	[stretch] - linux 4.9.210-1
-CVE-2019-19227
-	[stretch] - linux 4.9.210-1
-CVE-2019-19332
-	[stretch] - linux 4.9.210-1
-CVE-2019-19447
-	[stretch] - linux 4.9.210-1
-CVE-2019-19523
-	[stretch] - linux 4.9.210-1
-CVE-2019-19524
-	[stretch] - linux 4.9.210-1
-CVE-2019-19525
-	[stretch] - linux 4.9.210-1
-CVE-2019-19527
-	[stretch] - linux 4.9.210-1
-CVE-2019-19530
-	[stretch] - linux 4.9.210-1
-CVE-2019-19531
-	[stretch] - linux 4.9.210-1
-CVE-2019-19532
-	[stretch] - linux 4.9.210-1
-CVE-2019-19533
-	[stretch] - linux 4.9.210-1
-CVE-2019-19534
-	[stretch] - linux 4.9.210-1
-CVE-2019-19535
-	[stretch] - linux 4.9.210-1
-CVE-2019-19536
-	[stretch] - linux 4.9.210-1
-CVE-2019-19537
-	[stretch] - linux 4.9.210-1
-CVE-2019-19767
-	[stretch] - linux 4.9.210-1
-CVE-2019-19947
-	[stretch] - linux 4.9.210-1
-CVE-2019-19965
-	[stretch] - linux 4.9.210-1
-CVE-2019-20096
-	[stretch] - linux 4.9.210-1
-CVE-2019-2215
-	[stretch] - linux 4.9.210-1
-CVE-2019-12614
-	[stretch] - linux 4.9.210-1
-CVE-2020-0030
-	[stretch] - linux 4.9.210-1
 CVE-2019-15695
 	[stretch] - tigervnc 1.7.0+dfsg-7+deb9u1
 CVE-2019-15694
author	Salvatore Bonaccorso <carnil@debian.org>	2020-02-07 09:13:48 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-02-07 10:33:54 +0100
commit	b4e536f2baf8d54bd32241cd175d66c2654f1e16 (patch)
tree	de38257f958f5752b651506bd6395491f3c37b33 /data
parent	62c8c78db0a140088511630b3099b3b290ee1065 (diff)