[Oraclevm-errata] OVMSA-2017-0002 Moderate: Oracle VM 3.3 ghostscript security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Wed Jan 4 13:10:25 PST 2017
Oracle VM Security Advisory OVMSA-2017-0002
The following updated rpms for Oracle VM 3.3 have been uploaded to the
Unbreakable Linux Network:
x86_64:
ghostscript-8.70-21.el6_8.1.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/ghostscript-8.70-21.el6_8.1.src.rpm
Description of changes:
[8.70-21_1]
- Added security fixes for:
- CVE-2013-5653 (bug #1380327)
- CVE-2016-7977 (bug #1380415)
- CVE-2016-7979 (bug #1382305)
- CVE-2016-8602 (bug #1383940)
[8.70-21]
- Removed patch backup file from payload (bug #1027534).
[8.70-20]
- Applied patch from upstream to fix memory handling issue that could
lead to crashes (bug #1105520).
- Improved support for PDF/A from upstream (bug #1060026).
- Back-ported patch to process embedded files as a portable collection
only if there is a /Collection attribute (bug #1027534).
- Back-ported patch to preserve invisible PDF text in pdfwrite (bug
#994452).
[8.70-19]
- Removed patch backup file from payload.
[8.70-18]
- Back-ported patch to fix rendering failure with incomplete EOF
marker (bug #967935).
[8.70-17]
- Back-ported patch to implement JBIG2Decode generic regions using
TPGDON (bug #916162).
[8.70-16]
- Back-ported patch to copy CIDFontType 2 properly (bug #893775).
More information about the Oraclevm-errata
mailing list