An upgraded net-snmp package is now available for VL 5.9 and VL 5.9.1. Earlier packages contain a vulnerability that could allow a denial of service (DOS) attack to succeed. See:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309
A new package is now available in the VL 5.9 testing repository. Any users who have net-snmp installed on a VL 5.9 or VL 5.9.1 system may wish to upgrade. This package will be moved to the patches repository as soon as we have adequate user feedback.