SCIENTIFIC-LINUX-USERS Archives

August 2009

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

Subject:
From: "P. Larry Nelson" <[log in to unmask]>
Reply To: P. Larry Nelson
Date: Wed, 19 Aug 2009 12:58:18 -0500

Hi Troy, Connie,

So, there's a new kernel out for SL4x, 2.6.9-89.0.7.
From the ERRATA you sent out (see edited email below), it appears this
does *not* fix the vulnerability (CVE-2009-2692) that I just mitigated
with the module-remove/move-to-a-safedir script I just ran over the
weekend - true?
(re:  https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-2692)

Downloading and installing this new kernel, I now have the bluetooth and
the other offending modules in the /lib/modules area.

So I assume I now need to run the script again?

(actually I did anyway on a test box and it moved bluetooth.ko, sctp.ko,
pppoe.ko, and pppox.ko to the safedir.)

Thanks!
- Larry

-------- Original Message --------
Subject: Security ERRATA Important: kernel on SL4.x i386/x86_64
Date: Tue, 18 Aug 2009 16:53:33 -0500
From: Troy Dawson <[log in to unmask]>
To: [log in to unmask] <[log in to unmask]>

Synopsis:	Important: kernel security and bug fix update
Issue date:	2009-08-13
CVE Names:	CVE-2009-1389 CVE-2009-1439 CVE-2009-1633

CVE-2009-1439 kernel: cifs: memory overwrite when saving
nativeFileSystem field during mount
CVE-2009-1633 kernel: cifs: fix potential buffer overruns when
converting unicode strings sent by server
CVE-2009-1389 kernel: r8169: fix crash when large packets are received

	[snip...]

-------- End Original Message --------


-- 
P. Larry Nelson (217-244-9855) | Systems/Network Administrator
461 Loomis Lab                 | High Energy Physics Group
1110 W. Green St., Urbana, IL  | Physics Dept., Univ. of Ill.
MailTo:[log in to unmask]        | http://www.roadkill.com/lnelson/
-------------------------------------------------------------------
  "Information without accountability is just noise."  - P.L. Nelson
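
An added example, not part of the original message and not the script it mentions: a read-only check that lists, for every kernel tree under /lib/modules, which of the four module files named in the message (bluetooth.ko, sctp.ko, pppoe.ko, pppox.ko) are present again after a kernel update. The function names are hypothetical, and it assumes the safe directory lies outside the scanned root.

```shell
#!/bin/sh
# Added example: report kernel trees that still contain the module files
# named in the message. Read-only: it moves and deletes nothing.

# File names taken from the message (what the script moved on the test box).
MODULES="bluetooth.ko sctp.ko pppoe.ko pppox.ko"

# find_listed_modules [ROOT]
# Prints "<kernel-version> <path>" for every listed module file found under
# ROOT/<kernel-version>/. ROOT defaults to /lib/modules.
find_listed_modules() {
    root="${1:-/lib/modules}"
    for kdir in "$root"/*/; do
        [ -d "$kdir" ] || continue      # glob matched nothing
        kdir="${kdir%/}"
        kver=$(basename "$kdir")
        for mod in $MODULES; do
            find "$kdir" -type f -name "$mod" 2>/dev/null |
            while IFS= read -r path; do
                printf '%s %s\n' "$kver" "$path"
            done
        done
    done
}

# check_listed_modules [ROOT]
# Returns 0 when no listed module is present in any kernel tree.
# Otherwise prints the hits and returns 1, so it can gate a post-update job.
check_listed_modules() {
    hits=$(find_listed_modules "$1")
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits"
        return 1
    fi
    return 0
}
```

Running `check_listed_modules` with no argument after each kernel install shows whether the new kernel's tree needs the mitigation applied again.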
