SCIENTIFIC-LINUX-USERS Archives

August 2009

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

Subject:
From: Dr Andrew C Aitchison <[log in to unmask]>
Date: Sun, 9 Aug 2009 07:35:56 +0100

On Sat, 8 Aug 2009, Connie Sieh wrote:

> Synopsis:          Important: kernel
> CVE Names:         CVE-2007-5966 CVE-2009-1385 CVE-2009-1388
>                      CVE-2009-1389 CVE-2009-1895 CVE-2009-2406
>                      CVE-2009-2407
>
>     CVE-2007-5966 kernel: non-root can trigger cpu_idle soft lockup
>     CVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service
>     CVE-2009-1388 kernel: do_coredump() vs ptrace_start() deadlock
>     CVE-2009-1389 kernel: r8169: fix crash when large packets are received
>     CVE-2009-1895 kernel: personality: fix PER_CLEAR_ON_SETID
>     CVE-2009-2406 kernel: ecryptfs stack overflow in parse_tag_11_packet()
>     CVE-2009-2407 kernel: ecryptfs heap overflow in parse_tag_3_packet()


> SRPMS:
>      kernel-2.6.18-128.4.1.el5.src.rpm

Thanks.

Do you have an ETA for the glibc bugfix 
https://rhn.redhat.com/errata/RHBA-2009-1202.html
or for Firefox 3.0.13
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
?

If either or both is expected soon I would like to avoid
three reboots of 100 workstations.

(No, I don't *need* to reboot for either of these. The glibc
update could wait until the machine reboots for some other reason.
The kernel reboot would be a good way to force users to quit their
running firefox and run the new, more secure version.)

Thanks,

-- 
Dr. Andrew C. Aitchison		Computer Officer, DPMMS, Cambridge
[log in to unmask]	http://www.dpmms.cam.ac.uk/~werdna
