[El-errata] ELSA-2012-0095 Moderate: Oracle Linux 6 ghostscript security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Fri Feb 3 18:52:25 PST 2012
Oracle Linux Security Advisory ELSA-2012-0095
https://rhn.redhat.com/errata/RHSA-2012-0095.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
ghostscript-8.70-11.el6_2.6.i686.rpm
ghostscript-devel-8.70-11.el6_2.6.i686.rpm
ghostscript-doc-8.70-11.el6_2.6.i686.rpm
ghostscript-gtk-8.70-11.el6_2.6.i686.rpm
x86_64:
ghostscript-8.70-11.el6_2.6.i686.rpm
ghostscript-8.70-11.el6_2.6.x86_64.rpm
ghostscript-devel-8.70-11.el6_2.6.i686.rpm
ghostscript-devel-8.70-11.el6_2.6.x86_64.rpm
ghostscript-doc-8.70-11.el6_2.6.x86_64.rpm
ghostscript-gtk-8.70-11.el6_2.6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/ghostscript-8.70-11.el6_2.6.src.rpm
Description of changes:
[8.70-11:.6]
- Applied upstream fix to last patch (CVE-2010-4054, bug #646086).
[8.70-11:.5]
- Applied patch to prevent null pointer dereference (CVE-2010-4054,
bug #646086).
[8.70-11:.4]
- Don't ship patch backup files for CVE-2010-2055.
[8.70-11:.3]
- Applied patch to prevent integer underflow in TrueType bytecode
interpreter (CVE-2009-3743, bug #627902).
- Applied patch to avoid reading initialization files from CWD
(CVE-2010-2055, bug #599564).
More information about the El-errata
mailing list