Retire some CVEs

author: Salvatore Bonaccorso <carnil@debian.org> 2020-02-09 21:22:45 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-02-09 21:22:45 +0100
commit: 30e923c9029fa0f9ba1976670c8ee73cbf02169e (patch)
tree: 87b0fd686e9a24569aaaf32fc5792062600f7517 /retired/CVE-2019-18660
parent: 00d322afed3dc04e74ab0037716e96278c5b8ac6 (diff)
1 files changed, 17 insertions, 0 deletions
diff --git a/retired/CVE-2019-18660 b/retired/CVE-2019-18660
new file mode 100644
index 00000000..c3a34051
--- /dev/null
+++ b/retired/CVE-2019-18660
@@ -0,0 +1,17 @@
+Description: powerpc: missing Spectre-RSB mitigation
+References:
+ https://www.openwall.com/lists/oss-security/2019/11/27/1
+Notes:
+ carnil> Technically (resp. from CVE assignment point of view) the CVE
+ carnil> is solely for the missing Spectre-RSB mitigation and
+ carnil> 39e72bf96f58 ("powerpc/book3s64: Fix link stack flush on
+ carnil> context switch").
+Bugs:
+upstream: released (5.5-rc1) [39e72bf96f5847ba87cc5bd7a3ce0fed813dc9ad, af2e8c68b9c5403f77096969c516f742f5bb29e0]
+4.19-upstream-stable: released (4.19.87) [0a60d4bddc0ba6a7e06d10efa59f7861837860b0, 345712c95eec44bf414782b33e6d5a550fe62b3b]
+4.9-upstream-stable: released (4.9.204) [113408cdaec11a6e34d4edabb134a335dd4896b3, e2c87b1ba04bd5042f6db0780ed55abaf4836378]
+3.16-upstream-stable: ignored "No speculation mitigations available for powerpc"
+sid: released (5.3.15-1)
+4.19-buster-security: released (4.19.87-1)
+4.9-stretch-security: released (4.9.210-1)
+3.16-jessie-security: ignored "powerpc not supported in LTS"
author	Salvatore Bonaccorso <carnil@debian.org>	2020-02-09 21:22:45 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-02-09 21:22:45 +0100
commit	30e923c9029fa0f9ba1976670c8ee73cbf02169e (patch)
tree	87b0fd686e9a24569aaaf32fc5792062600f7517 /retired/CVE-2019-18660
parent	00d322afed3dc04e74ab0037716e96278c5b8ac6 (diff)