On Tue, 12 Feb 2008, Jon Peatfield wrote:

> In the remote chance that people here havn't already spotted it (there was 
> mention of it on one of the Centos lists yesterday and lots of other places), 
> there is likely to be a kernel security update for el-5 really soon (el-4 and 
> earlier are not affected).
>
>  https://bugzilla.redhat.com/show_bug.cgi?id=432251
>
> Comment #39 says:
>
>  ... and are finishing up the QA process for Red Hat Enterprise Linux 5.
>  We expect this to be completed shortly (pending successful completion of
>  testing).  This will be RHSA-2008:0129.
>
> I'm assuming that since this is an urgent security issue they will just be 
> adding the trivial upstream patch into kernel -53.1.x rather than waiting for 
> -79+ to finish full QA.

The announcement for -53.1.13 just arrived. Alas, the SRPM is not yet on 
their ftp server, hence I couldn't check what's actually in there, and 
Connie and Troy can't rebuild it.

We're rolling out an emergency build on certain systems tonight, with a 
patch that at least renders the public exploit useless. If anyone wants 
it, let me know whithin the next 1.5 hours and I'll make it accessible via
http.

-- 
Stephan Wiesand
   DESY - DV -
   Platanenallee 6
   15738 Zeuthen, Germany