Andrew,
On Sun, 9 Aug 2009, Dr Andrew C Aitchison wrote:
> On Sat, 8 Aug 2009, Connie Sieh wrote:
>
>> Synopsis: Important: kernel
>> CVE Names: CVE-2007-5966 CVE-2009-1385 CVE-2009-1388 CVE-2009-1389
>>            CVE-2009-1895 CVE-2009-2406 CVE-2009-2407
>>
>> CVE-2007-5966 kernel: non-root can trigger cpu_idle soft lockup
>> CVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service
>> CVE-2009-1388 kernel: do_coredump() vs ptrace_start() deadlock
>> CVE-2009-1389 kernel: r8169: fix crash when large packets are received
>> CVE-2009-1895 kernel: personality: fix PER_CLEAR_ON_SETID
>> CVE-2009-2406 kernel: ecryptfs stack overflow in parse_tag_11_packet()
>> CVE-2009-2407 kernel: ecryptfs heap overflow in parse_tag_3_packet()
>>
>> SRPMS:
>> kernel-2.6.18-128.4.1.el5.src.rpm
>
> Thanks.
> Do you have an ETA for the glibc bugfix
The glibc is already built. I will get it out soon.
> https://rhn.redhat.com/errata/RHBA-2009-1202.html
> or for Firefox 3.0.13
> http://www.mozilla.org/security/known-vulnerabilities/firefox30.html
Do not know if the latest firefox that was released 1.5 weeks ago has this fix. You can check the changelog on the firefox rpm for the CVEs that it fixed. I am actually on vacation right now and have to check out of the hotel in 5 minutes so do not have time to check for you.
    rpm -q --changelog firefox

-connie

> ?
>
> If either or both is expected soon I would like to avoid three reboots
> of 100 workstations.
> (No, I don't *need* to reboot for either of these.
> The glibc update could wait until the machine reboots for some other
> reason. The kernel reboot would be a good way to force users to quit
> their running firefox and run the new, more secure version.)
>
> Thanks,
>
> --
> Dr. Andrew C. Aitchison  Computer Officer, DPMMS, Cambridge
> [email protected]  http://www.dpmms.cam.ac.uk/~werdna
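
Added example, not part of the original thread: a shell helper that turns the `rpm -q --changelog` check suggested above into a per-CVE report, so a package can be confirmed to carry the expected fixes before reboots are scheduled. The function names `cve_in_changelog` and `sample_changelog` and the sample changelog entries are constructed for illustration; the CVE names are the ones listed in the kernel advisory quoted above.

```shell
#!/bin/sh
# cve_in_changelog: read an RPM changelog on stdin and, for each CVE name
# given as an argument, print "fixed <CVE>" or "missing <CVE>".
# Exit status is 0 only when every requested CVE is mentioned.
cve_in_changelog() {
    log=$(cat)
    rc=0
    for cve in "$@"; do
        # -F: match the name literally; -w: whole-word match, so a
        # truncated name like CVE-2009-138 does not match CVE-2009-1385.
        if printf '%s\n' "$log" | grep -qwF -- "$cve"; then
            echo "fixed $cve"
        else
            echo "missing $cve"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample changelog (not real package output), so the helper
# can be exercised on a machine without the package installed.
sample_changelog() {
cat <<'EOF'
* Tue Jul 28 2009 Example Builder <builder@example.invalid> [x.y.z-constructed]
- [net] e1000: fix rx length check (CVE-2009-1385)
- [fs] ecryptfs: check tag 11 and tag 3 packet sizes {CVE-2009-2406 CVE-2009-2407}
EOF
}

# On a real host, feed the installed package's changelog instead:
#   rpm -q --changelog firefox | cve_in_changelog CVE-XXXX-NNNN
#   rpm -q --changelog kernel-2.6.18-128.4.1.el5 | \
#       cve_in_changelog CVE-2009-1385 CVE-2009-2406 CVE-2009-2407
# Naming the exact kernel version matters because several kernel
# packages can be installed side by side.
```

A "missing" result only means the changelog does not name that CVE; the advisory text remains the authority on what an update fixes.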
