move retired to the top level hierarchy so people can easily checkout just the active issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@548 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 37 insertions, 0 deletions

diff --git a/retired/CVE-2003-0476 b/retired/CVE-2003-0476
new file mode 100644
index 00000000..03d471c1
--- /dev/null
+++ b/retired/CVE-2003-0476
@@ -0,0 +1,37 @@
+Candidate: CVE-2003-0476
+References: 
+ BUGTRAQ:20030626 Linux 2.4.x execve() file read race vulnerability
+ URL:http://marc.theaimsgroup.com/?l=bugtraq&m=105664924024009&w=2
+ MANDRAKE:MDKSA-2003:074
+ URL:http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:074
+ REDHAT:RHSA-2003:238
+ URL:http://www.redhat.com/support/errata/RHSA-2003-238.html
+ REDHAT:RHSA-2003:368
+ URL:http://www.redhat.com/support/errata/RHSA-2003-368.html
+ REDHAT:RHSA-2003:408
+ URL:http://www.redhat.com/support/errata/RHSA-2003-408.html
+ SUSE:SuSE-SA:2003:034
+ DEBIAN:DSA-358
+ URL:http://www.debian.org/security/2004/dsa-358
+ DEBIAN:DSA-423
+ URL:http://www.debian.org/security/2004/dsa-423
+ OVAL:OVAL327
+ URL:http://oval.mitre.org/oval/definitions/data/oval327.html
+Description: 
+ The execve system call in Linux 2.4.x records the file
+ descriptor of the executable process in the file table of the
+ calling process, which allows local users to gain read access to
+ restricted file descriptors.
+Notes: 
+Bugs: 
+upstream: released (2.4.22-pre4, 2.6.1)
+linux-2.6: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.4.19-woody-security: released (2.4.19-4.woody3)
+2.4.18-woody-security: released (2.4.18-10)
+2.4.17-woody-security: released (2.4.17-1woody4)
+2.4.16-woody-security: released (2.4.16-1woody3)
+2.4.17-woody-security-hppa: released (32.5)
+2.4.17-woody-security-ia64: released (011226.14.1)
+2.4.18-woody-security-hppa: released (62.4)