move retired to the top level hierarchy so people can easily checkout just the active issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@548 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 27 insertions, 0 deletions

diff --git a/retired/CVE-2004-1017 b/retired/CVE-2004-1017
new file mode 100644
index 00000000..20d4709b
--- /dev/null
+++ b/retired/CVE-2004-1017
@@ -0,0 +1,27 @@
+Candidate: CVS-2004-1017
+References: 
+ FEDORA:FLSA:2336
+ URL:https://bugzilla.fedora.us/show_bug.cgi?id=2336
+ REDHAT:RHSA-2004:689
+ URL:http://www.redhat.com/support/errata/RHSA-2004-689.html
+ XF:linux-ioedgeport-bo(18433)
+ URL:http://xforce.iss.net/xforce/xfdb/18433
+Description: 
+ Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have
+ unknown impact and unknown attack vectors.
+Notes: 
+ jmm> I've checked 2.6.14, but I didn't find the exact upstream version when
+ jmm> this was fixed
+ jmm> The fix is required for 2.6.8
+Bugs: 
+upstream: 
+linux-2.6: released (2.4.31-rc1, 2.6.10)
+2.6.8-sarge-security: released (2.6.8-16sarge2) [io_edgeport_overflow.dpatch]
+2.4.27-sarge-security: released (2.4.27-9) [137_io_edgeport_overflow.diff]
+2.4.19-woody-security: released (2.4.19-4.woody3)
+2.4.18-woody-security: released (2.4.18-14.4)
+2.4.17-woody-security: released (2.4.17-1woody4)
+2.4.16-woody-security: released (2.4.16-1woody3)
+2.4.17-woody-security-hppa: released (32.5)
+2.4.17-woody-security-ia64: released (011226.18)
+2.4.18-woody-security-hppa: released (62.4)