move retired to the top level hierarchy so people can easily checkout just the active issues

git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@548 e094ebfe-e918-0410-adfb-c712417f3574

1 files changed, 27 insertions, 0 deletions

diff --git a/retired/CVE-2005-0176 b/retired/CVE-2005-0176
new file mode 100644
index 00000000..87dd16a6
--- /dev/null
+++ b/retired/CVE-2005-0176
@@ -0,0 +1,27 @@
+Candidate: CVE-2005-0176
+References: 
+ http://marc.theaimsgroup.com/?l=full-disclosure&m=110846102231365&w=2
+ http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930
+ http://www.redhat.com/support/errata/RHSA-2005-092.html
+ http://oval.mitre.org/oval/definitions/data/oval1225.html
+ http://www.kernel.org/git/?p=linux/kernel/git/tglx/history.git;a=commit;h=2637792e3d9ae50079238615fd16384a0d393b30
+Description: 
+ The shmctl function in Linux 2.6.9 and earlier allows local users to unlock
+ the memory of other processes, which could cause sensitive memory to be swapped
+ to disk, which could allow it to be read by other users once it has been released.
+Notes: 
+ It appears that 2.6.8 and earlier are not vulnerable as prior to the
+ following patch, local users could not effect lock or unlock
+ http://www.kernel.org/git/?p=linux/kernel/git/tglx/history.git;a=commit;h=16698c49bbb42567c0bbc528d3820d18885e4642
+ That is, only 2.6.10 is effected.
+Bugs: 
+upstream: 
+linux-2.6: N/A
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
+2.4.19-woody-security: N/A
+2.4.18-woody-security: N/A
+2.4.17-woody-security: N/A
+2.4.16-woody-security: N/A
+2.4.17-woody-security-hppa: N/A
+2.4.17-woody-security-ia64: N/A