SCIENTIFIC-LINUX-USERS Archives

August 2009

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Security ERRATA Important: kernel for SL 5.x on i386/x86_64
From:
Dr Andrew C Aitchison <[log in to unmask]>
Reply To:
Dr Andrew C Aitchison <[log in to unmask]>
Date:
Sun, 9 Aug 2009 19:53:21 +0100
Content-Type:
TEXT/PLAIN
Parts/Attachments:
TEXT/PLAIN (43 lines) 
On Sun, 9 Aug 2009, Connie Sieh wrote:

> On Sun, 9 Aug 2009, Dr Andrew C Aitchison wrote:

> The glibc is already built.  I will get it out soon.

Thanks very much indeed.

>> https://rhn.redhat.com/errata/RHBA-2009-1202.html
>> or for Firefox 3.0.13
>> http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
>
> Do not know if the latest firefox that was released 1.5 weeks ago has this 
> fix.  You can check the changelog on the firefox rpm for the CVE's that it 
> fixed.
>  rpm -q --changelog firefox

I'm afraid it just says:

* Thu Jul 09 2009 Jan Horak <[log in to unmask]> - 3.0.12-1
- Update to 3.0.12

CVE-2009-2404 was reported to Mozilla on 2009-07-15 
(see https://bugzilla.mozilla.org/show_bug.cgi?id=504456)
so I doubt RedHat had sneaked an extra fix in.

The flaw seems to have been reported at Black Hat
 	http://www.wired.com/threatlevel/2009/07/kaminsky/
so I expect attackes will be appearing on websites soon :-(

I fear that this will require a new Firefox.

>   I am actually on vacation right now and have to checkout of the 
> hotel in 5 minutes so do not have time to check for you.

Have a great holiday.

Thanks,

-- 
Dr. Andrew C. Aitchison		Computer Officer, DPMMS, Cambridge
[log in to unmask]	http://www.dpmms.cam.ac.uk/~werdna

ATOM RSS1 RSS2