[El-errata] ELSA-2012-0468 Important: Oracle Linux 5 libtiff security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Apr 12 13:19:21 PDT 2012


Oracle Linux Security Advisory ELSA-2012-0468

https://rhn.redhat.com/errata/RHSA-2012-0468.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
libtiff-3.8.2-14.el5_8.i386.rpm
libtiff-devel-3.8.2-14.el5_8.i386.rpm

x86_64:
libtiff-3.8.2-14.el5_8.i386.rpm
libtiff-3.8.2-14.el5_8.x86_64.rpm
libtiff-devel-3.8.2-14.el5_8.i386.rpm
libtiff-devel-3.8.2-14.el5_8.x86_64.rpm

ia64:
libtiff-3.8.2-14.el5_8.i386.rpm
libtiff-3.8.2-14.el5_8.ia64.rpm
libtiff-devel-3.8.2-14.el5_8.ia64.rpm


SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/libtiff-3.8.2-14.el5_8.src.rpm


Description of changes:

[3.8.2-14]
- Add fix for CVE-2012-1173
Resolves: #CVE-2012-1173

[3.8.2-13]
- Fix incorrect fix for CVE-2011-0192
Resolves: #688828
- Add fix for CVE-2011-1167
Resolves: #688745

[3.8.2-12]
- Add fix for CVE-2011-0192
Resolves: #679297

[3.8.2-11]
- Add fixes for multiple SIGSEGV problems, including CVE-2010-1411
Resolves: #602553

[3.8.2-10]
- Fix buffer overrun risks caused by unchecked integer overflow 
(CVE-2009-2347)
Resolves: #507726

[3.8.2-9]
- Fix some more LZW decoding vulnerabilities (CVE-2009-2285)
Resolves: #507726
- Update upstream URL

[3.8.2-8]
- Use -fno-strict-aliasing per rpmdiff recommendation





More information about the El-errata mailing list