[Oraclevm-errata] OVMSA-2009-0027 Moderate: Oracle VM 2.1 libtiff security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Mon Oct 19 10:19:23 PDT 2009
Oracle VM Security Advisory OVMSA-2009-0027
The following updated rpms for Oracle VM 2.1 have been uploaded to the
Unbreakable Linux Network:
i386:
libtiff-3.8.2-7.el5_3.4.i386.rpm
libtiff-devel-3.8.2-7.el5_3.4.i386.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/SRPMS-updates/libtiff-3.8.2-7.el5_3.4.src.rpm
Description of changes:
[3.8.2-7.el5.4]
- Fix buffer overrun risks caused by unchecked integer overflow
(CVE-2009-2347)
Resolves: #507725
[3.8.2-7.el5.3]
- Fix some more LZW decoding vulnerabilities (CVE-2009-2285)
Resolves: #507725
- Update upstream URL
[3.8.2-7.el5.2]
- Use -fno-strict-aliasing per rpmdiff recommendation
[3.8.2-7.el5.1]
- Fix LZW decoding vulnerabilities (CVE-2008-2327)
Resolves: #458812
- Remove sgi2tiff.1 and tiffsv.1, since they are for programs we don't ship
Resolves: #460120
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.oracle.com/pipermail/oraclevm-errata/attachments/20091019/5cc090b0/attachment.html
More information about the Oraclevm-errata
mailing list