Synopsis: Moderate: GFS security and bug fix update Issue date: 2010-03-30 CVE Names: CVE-2010-0727 A flaw was found in the gfs_lock() implementation. The GFS locking code could skip the lock operation for files that have the S_ISGID bit (set-group-ID on execution) in their mode set. A local, unprivileged user on a system that has a GFS file system mounted could use this flaw to cause a kernel panic. (CVE-2010-0727) As well, these updated GFS packages are in sync with the latest kernel (2.4.21-63.EL). The modules in earlier GFS packages fail to load because they do not match the running kernel. It is possible to force-load the modules; however, with this update, force-loading the modules is not required. (BZ#525198) Users are advised to upgrade to these latest GFS packages, which resolve this issue and are updated for use with the 2.4.21-63.EL kernel. SL 3.0.x SRPMS: GFS-6.0.2.36-13.src.rpm i386: GFS-6.0.2.36-13.i686.rpm GFS-devel-6.0.2.36-13.i686.rpm GFS-modules-6.0.2.36-13.i686.rpm GFS-modules-hugemem-6.0.2.36-13.i686.rpm GFS-modules-smp-6.0.2.36-13.i686.rpm x86_64: GFS-6.0.2.36-13.x86_64.rpm GFS-devel-6.0.2.36-13.x86_64.rpm GFS-modules-6.0.2.36-13.x86_64.rpm GFS-modules-smp-6.0.2.36-13.x86_64.rpm -Connie Sieh -Troy Dawson