SCIENTIFIC-LINUX-ERRATA Archives

April 2017

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: libguestfs on SL6.x x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Wed, 5 Apr 2017 15:06:08 -0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (34 lines) 
Synopsis:          Moderate: libguestfs security and bug fix update
Advisory ID:       SLSA-2017:0564-1
Issue Date:        2017-03-21
CVE Numbers:       CVE-2015-8869
--

Security Fix(es):

* An integer conversion flaw was found in the way OCaml's String handled
its length. Certain operations on an excessively long String could trigger
a buffer overflow or result in an information leak. (CVE-2015-8869)

Note: The libguestfs packages in this advisory were rebuilt with a fixed
version of OCaml to address this issue.
--

SL6
  x86_64
    libguestfs-1.20.11-20.el6.x86_64.rpm
    libguestfs-debuginfo-1.20.11-20.el6.x86_64.rpm
    libguestfs-java-1.20.11-20.el6.x86_64.rpm
    libguestfs-tools-1.20.11-20.el6.x86_64.rpm
    libguestfs-tools-c-1.20.11-20.el6.x86_64.rpm
    perl-Sys-Guestfs-1.20.11-20.el6.x86_64.rpm
    python-libguestfs-1.20.11-20.el6.x86_64.rpm
    libguestfs-devel-1.20.11-20.el6.x86_64.rpm
    libguestfs-java-devel-1.20.11-20.el6.x86_64.rpm
    libguestfs-javadoc-1.20.11-20.el6.x86_64.rpm
    ocaml-libguestfs-1.20.11-20.el6.x86_64.rpm
    ocaml-libguestfs-devel-1.20.11-20.el6.x86_64.rpm
    ruby-libguestfs-1.20.11-20.el6.x86_64.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2