Synopsis:	Moderate: GFS security and bug fix update
Issue date:	2010-03-30
CVE Names:	CVE-2010-0727

A flaw was found in the gfs_lock() implementation. The GFS locking code
could skip the lock operation for files that have the S_ISGID bit
(set-group-ID on execution) in their mode set. A local, unprivileged 
user on a system that has a GFS file system mounted could use this flaw 
to cause a kernel panic. (CVE-2010-0727)

As well, these updated GFS packages are in sync with the latest kernel
(2.4.21-63.EL). The modules in earlier GFS packages fail to load because
they do not match the running kernel. It is possible to force-load the
modules; however, with this update, force-loading the modules is not
required. (BZ#525198)

Users are advised to upgrade to these latest GFS packages, which resolve
this issue and are updated for use with the 2.4.21-63.EL kernel.

SL 3.0.x

      SRPMS:
GFS-6.0.2.36-13.src.rpm
      i386:
GFS-6.0.2.36-13.i686.rpm
GFS-devel-6.0.2.36-13.i686.rpm
GFS-modules-6.0.2.36-13.i686.rpm
GFS-modules-hugemem-6.0.2.36-13.i686.rpm
GFS-modules-smp-6.0.2.36-13.i686.rpm
      x86_64:
GFS-6.0.2.36-13.x86_64.rpm
GFS-devel-6.0.2.36-13.x86_64.rpm
GFS-modules-6.0.2.36-13.x86_64.rpm
GFS-modules-smp-6.0.2.36-13.x86_64.rpm

-Connie Sieh
-Troy Dawson