From 30e923c9029fa0f9ba1976670c8ee73cbf02169e Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 9 Feb 2020 21:22:45 +0100
Subject: Retire some CVEs

---
 retired/CVE-2019-15917 | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 retired/CVE-2019-15917

(limited to 'retired/CVE-2019-15917')

diff --git a/retired/CVE-2019-15917 b/retired/CVE-2019-15917
new file mode 100644
index 000000000..8db4a4935
--- /dev/null
+++ b/retired/CVE-2019-15917
@@ -0,0 +1,15 @@
+Description: Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()
+References:
+Notes:
+ bwh> Maybe introduced in 4.7 by commit 84cb3df02aea "Bluetooth: hci_ldisc:
+ bwh> Fix null pointer derefence in case of early data", but I suspect a
+ bwh> similar issue existed before that too.
+Bugs:
+upstream: released (5.1-rc1) [56897b217a1d0a91c9920cb418d6b3fe922f590a]
+4.19-upstream-stable: released (4.19.32) [e365b94086f9dec02ddfcc193dcad72858c6d973]
+4.9-upstream-stable: released (4.9.202) [3858f013de0ae5a19b8276944e12fd01b0cac979]
+3.16-upstream-stable: released (3.16.74) [a79897227b81d588130813e83084b836733cb146]
+sid: released (4.19.37-1)
+4.19-buster-security: N/A "Fixed before branching point"
+4.9-stretch-security: released (4.9.210-1)
+3.16-jessie-security: released (3.16.74-1)
-- 
cgit v1.2.3