On Sat, 8 Aug 2009, Connie Sieh wrote:
> Synopsis: Important: kernel
> CVE Names: CVE-2007-5966 CVE-2009-1385 CVE-2009-1388
> CVE-2009-1389 CVE-2009-1895 CVE-2009-2406
> CVE-2009-2407
>
> CVE-2007-5966 kernel: non-root can trigger cpu_idle soft lockup
> CVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service
> CVE-2009-1388 kernel: do_coredump() vs ptrace_start() deadlock
> CVE-2009-1389 kernel: r8169: fix crash when large packets are received
> CVE-2009-1895 kernel: personality: fix PER_CLEAR_ON_SETID
> CVE-2009-2406 kernel: ecryptfs stack overflow in parse_tag_11_packet()
> CVE-2009-2407 kernel: ecryptfs heap overflow in parse_tag_3_packet()
> SRPMS:
> kernel-2.6.18-128.4.1.el5.src.rpm
Thanks.
Do you have an ETA for the glibc bugfix
https://rhn.redhat.com/errata/RHBA-2009-1202.html
or for Firefox 3.0.13
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
?
If either or both is expected soon I would like to avoid
three reboots of 100 workstations.
(No, I don't *need* to reboot for either of these. The glibc
update could wait until the machine reboots for some other reason.
The kernel reboot would be a good way to force users to quit their
running firefox and run the new, more secure version.)
Thanks,
--
Dr. Andrew C. Aitchison Computer Officer, DPMMS, Cambridge
http://www.dpmms.cam.ac.uk/~werdna