From 05e8c04a698e9d913079ed97ef48f18f42fc5abc Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 27 Mar 2024 15:57:25 +0100
Subject: Track fixes in 6.7.11, 6.1.83, 5.10.214 and 4.19.311

---
 active/CVE-2023-52447 |  2 +-
 active/CVE-2023-6270  |  6 +++---
 active/CVE-2023-7042  |  9 +++++----
 active/CVE-2024-22099 | 15 ++++++++-------
 4 files changed, 17 insertions(+), 15 deletions(-)

(limited to 'active')

diff --git a/active/CVE-2023-52447 b/active/CVE-2023-52447
index 5fc00e93..67d51f49 100644
--- a/active/CVE-2023-52447
+++ b/active/CVE-2023-52447
@@ -9,7 +9,7 @@ upstream: released (6.8-rc1) [876673364161da50eed6b472d746ef88242b2368]
 6.7-upstream-stable: released (6.7.2) [bfd9b20c4862f41d4590fde11d70a5eeae53dcc5]
 6.6-upstream-stable: released (6.6.14) [f91cd728b10c51f6d4a39957ccd56d1e802fc8ee]
 6.1-upstream-stable: released (6.1.75) [62fca83303d608ad4fec3f7428c8685680bb01b0]
-5.10-upstream-stable: needed
+5.10-upstream-stable: released (5.10.214) [90c445799fd1dc214d7c6279c144e33a35e29ef2]
 4.19-upstream-stable: N/A "Vulnerable code not present"
 sid: released (6.6.15-1)
 6.1-bookworm-security: released (6.1.76-1)
diff --git a/active/CVE-2023-6270 b/active/CVE-2023-6270
index dbe9ff48..ec7f1f11 100644
--- a/active/CVE-2023-6270
+++ b/active/CVE-2023-6270
@@ -7,9 +7,9 @@ Notes:
  carnil> list_head (v3)")
 Bugs:
 upstream: released (6.9-rc1) [f98364e926626c678fb4b9004b75cacf92ff0662]
-6.1-upstream-stable: needed
-5.10-upstream-stable: needed
-4.19-upstream-stable: needed
+6.1-upstream-stable: released (6.1.83) [74ca3ef68d2f449bc848c0a814cefc487bf755fa]
+5.10-upstream-stable: released (5.10.214) [faf0b4c5e00bb680e8e43ac936df24d3f48c8e65]
+4.19-upstream-stable: released (4.19.311) [ad80c34944d7175fa1f5c7a55066020002921a99]
 sid: needed
 6.1-bookworm-security: needed
 5.10-bullseye-security: needed
diff --git a/active/CVE-2023-7042 b/active/CVE-2023-7042
index 07bcf6f8..105ea935 100644
--- a/active/CVE-2023-7042
+++ b/active/CVE-2023-7042
@@ -6,11 +6,12 @@ References:
 Notes:
  carnil> Commit fixes dc405152bb64 ("ath10k: handle mgmt tx completion
  carnil> event") in 4.19-rc1.
+ carnil> Fixed as well in 6.7.11 and 6.8.2.
 Bugs:
-upstream: needed
-6.1-upstream-stable: needed
-5.10-upstream-stable: needed
-4.19-upstream-stable: needed
+upstream: released (6.9-rc1) [ad25ee36f00172f7d53242dc77c69fff7ced0755]
+6.1-upstream-stable: released (6.1.83) [90f089d77e38db1c48629f111f3c8c336be1bc38]
+5.10-upstream-stable: released (5.10.214) [e1dc7aa814a95aeeb1b2c05be2b62af8423b15cc]
+4.19-upstream-stable: released (4.19.311) [0cd3b0a1dc987697cba1fe93c784365aa1f8a230]
 sid: needed
 6.1-bookworm-security: needed
 5.10-bullseye-security: needed
diff --git a/active/CVE-2024-22099 b/active/CVE-2024-22099
index 2f933436..0e277163 100644
--- a/active/CVE-2024-22099
+++ b/active/CVE-2024-22099
@@ -10,12 +10,13 @@ Notes:
  carnil> v2.6.12-rc2." and gives an indication on affected ranges from
  carnil> v2.6.12-rc2 before v6.8-rc1. The OpenAnolis issue is to date
  carnil> (2024-01-25) still restricted.
+ carnil> Fixed in 6.7.11 as well.
 Bugs:
 upstream: released (6.8-rc7) [2535b848fa0f42ddff3e5255cf5e742c9b77bb26]
-6.1-upstream-stable:
-5.10-upstream-stable:
-4.19-upstream-stable:
-sid:
-6.1-bookworm-security:
-5.10-bullseye-security:
-4.19-buster-security:
+6.1-upstream-stable: released (6.1.83) [567c0411dc3b424fc7bd1e6109726d7ba32d4f73]
+5.10-upstream-stable: released (5.10.214) [81d7d920a22fd58ef9aedb1bd0a68ee32bd23e96]
+4.19-upstream-stable: released (4.19.311) [369f419c097e82407dd429a202cde9a73d3ae29b]
+sid: needed
+6.1-bookworm-security: needed
+5.10-bullseye-security: needed
+4.19-buster-security: needed
-- 
cgit v1.2.3