[Oraclevm-errata] OVMSA-2017-0002 Moderate: Oracle VM 3.3 ghostscript security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Wed Jan 4 13:10:25 PST 2017


Oracle VM Security Advisory OVMSA-2017-0002

The following updated rpms for Oracle VM 3.3 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
ghostscript-8.70-21.el6_8.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/ghostscript-8.70-21.el6_8.1.src.rpm



Description of changes:

[8.70-21_1]
- Added security fixes for:
   - CVE-2013-5653 (bug #1380327)
   - CVE-2016-7977 (bug #1380415)
   - CVE-2016-7979 (bug #1382305)
   - CVE-2016-8602 (bug #1383940)

[8.70-21]
- Removed patch backup file from payload (bug #1027534).

[8.70-20]
- Applied patch from upstream to fix memory handling issue that could
   lead to crashes (bug #1105520).
- Improved support for PDF/A from upstream (bug #1060026).
- Back-ported patch to process embedded files as a portable collection
   only if there is a /Collection attribute (bug #1027534).
- Back-ported patch to preserve invisible PDF text in pdfwrite (bug 
#994452).

[8.70-19]
- Removed patch backup file from payload.

[8.70-18]
- Back-ported patch to fix rendering failure with incomplete EOF
   marker (bug #967935).

[8.70-17]
- Back-ported patch to implement JBIG2Decode generic regions using
   TPGDON (bug #916162).

[8.70-16]
- Back-ported patch to copy CIDFontType 2 properly (bug #893775).




More information about the Oraclevm-errata mailing list