move retired to the top level hierarchy so people can easily checkout just the active issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@548 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 36 insertions, 0 deletions

diff --git a/retired/CVE-2003-0461 b/retired/CVE-2003-0461
new file mode 100644
index 00000000..c947ee68
--- /dev/null
+++ b/retired/CVE-2003-0461
@@ -0,0 +1,36 @@
+Candidate: CVE-2003-0461
+References: 
+ MISC:http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html
+ REDHAT:RHSA-2003:238
+ URL:http://www.redhat.com/support/errata/RHSA-2003-238.html
+ REDHAT:RHSA-2004:188
+ URL:http://www.redhat.com/support/errata/RHSA-2004-188.html
+ DEBIAN:DSA-358
+ URL:http://www.debian.org/security/2004/dsa-358
+ DEBIAN:DSA-423
+ URL:http://www.debian.org/security/2004/dsa-423
+ OVAL:OVAL304
+ URL:http://oval.mitre.org/oval/definitions/data/oval304.html
+ OVAL:OVAL997
+ URL:http://oval.mitre.org/oval/definitions/data/oval997.html
+ Description: 
+ /proc/tty/driver/serial in Linux 2.4.x reveals the exact number
+ of characters used in serial links, which could allow local users
+ to obtain potentially sensitive information such as the length of
+ passwords.
+Notes: 
+ dannf> Here's the patches I used:
+ http://linux.bkbits.net:8080/linux-2.4/cset@41a6020dX1GoVx_Eydy1jUOqc11tpw?nav=index.html|src/|src/fs|src/fs/proc|related/fs/proc/proc_tty.c
+ http://linux.bkbits.net:8080/linux-2.4/cset@41aca810DvutJ8aEj43OuUqJ4e1EIw?nav=index.html|src/|src/include|src/include/linux|related/include/linux/proc_fs.h
+Bugs: 
+upstream: released (2.4.29-pre2, 2.6.1)
+linux-2.6: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: released (2.4.27-1) [025_proc_tty_security.diff]
+2.4.19-woody-security: released (2.4.19-4.woody3)
+2.4.18-woody-security: released (2.4.18-10)
+2.4.17-woody-security: released (2.4.17-1woody4)
+2.4.16-woody-security: released (2.4.16-1woody3)
+2.4.17-woody-security-hppa: released (32.5)
+2.4.17-woody-security-ia64: released (011226.14.1)
+2.4.18-woody-security-hppa: released (62.4)