[El-errata] ELSA-2009-0339 Moderate: Enterprise Linux 5 lcms security update

Thu Mar 19 16:00:46 PDT 2009

Enterprise Linux Security Advisory ELSA-2009-0339

https://rhn.redhat.com/errata/RHSA-2009-0339.html

The following updated rpms for Enterprise Linux 5 have been uploaded to 
the Unbreakable Linux Network:

i386:
lcms-1.18-0.1.beta1.el5_3.2.i386.rpm
lcms-devel-1.18-0.1.beta1.el5_3.2.i386.rpm
python-lcms-1.18-0.1.beta1.el5_3.2.i386.rpm

x86_64:
lcms-1.18-0.1.beta1.el5_3.2.i386.rpm
lcms-1.18-0.1.beta1.el5_3.2.x86_64.rpm
lcms-devel-1.18-0.1.beta1.el5_3.2.i386.rpm
lcms-devel-1.18-0.1.beta1.el5_3.2.x86_64.rpm
python-lcms-1.18-0.1.beta1.el5_3.2.x86_64.rpm

SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/lcms-1.18-0.1.beta1.el5_3.2.src.rpm

Description of changes:

[1.18-beta1.1.el5_3.2]
- Add patch theoretically preventing division by zero

[1.18-beta1.1.el5_3.1]
- Rebase to upstream 1.18beta1
- CVE-2009-0581 LittleCms memory leak
- CVE-2009-0723 LittleCms integer overflow
- CVE-2009-0733 LittleCms lack of upper-bounds check on sizes
- Resolves: #487513

-------------- next part --------------
A non-text attachment was scrubbed...
Name: deepak.patel.vcf
Type: text/x-vcard
Size: 105 bytes
Desc: not available
Url : http://oss.oracle.com/pipermail/el-errata/attachments/20090319/04a41c8c/attachment.vcf 