[Oraclevm-errata] OVMSA-2016-0065 Oracle VM 3.2 nspr security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Tue Jun 21 10:07:47 PDT 2016


Oracle VM Security Advisory OVMSA-2016-0065

The following updated rpms for Oracle VM 3.2 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
nspr-4.11.0-1.el5_11.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.2/SRPMS-updates/nspr-4.11.0-1.el5_11.src.rpm



Description of changes:

[4.11.0-0.1]
- Rebase to NSPR 4.11
- Resolves: Bug 1297943 - Rebase RHEL 5.11.z to NSPR 4.11 in preparation 
for Firefox 45

[4.10.8-2]
- Resolves: Bug 1269359 - CVE-2015-7183
- nspr: heap-buffer overflow in PL_ARENA_ALLOCATE can lead to crash 
(under ASAN), potential memory corruption [rhel-5.11.z]

[4.10.8-1]
- Rebase to nspr-4.10.8
- Resolves: Bug 1200921 - Rebase nspr to 4.10.8 for Firefox 38 ESR 
[RHEL-5.11]

[4.10.6-1]
- Rebase to nspr-4.10.6
- Resolves: Bug 1110857 - Rebase nspr in RHEL 5.11 to NSPR 4.10.6 for FF31

[4.10.2-3]
- Retagging
- Resolves: rhbz#1032468

[4.10.2-2]
- Remove an unused patch
- Resolves: rhbz#1032468 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 
nss: various flaws [rhel-5.11]

[4.10.2-1]
- Update to nspr-4.10.2
- Resolves: rhbz#1032468 - CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 
nss: various flaws [rhel-5.11]

[4.10.0-2]
- Retagging to fix an inconsitency in the release tags
- Resolves: rhbz#1002641 - Rebase RHEL 5 to NSPR 4.10 (for FF 24.x)

[4.9.5-1]
- Rebase to nspr-4.10.0
- Resolves: rhbz#1002641 - Rebase RHEL 5 to NSPR 4.10 (for FF 24.x)

[4.9.5-2]
- Resolves: rhbz#737704 - Fix spec file test script typo and enable 
running the test suites

[4.9.5-1]
- Resolves: rhbz#919183 - Rebase to nspr-4.9.5

[4.9.2-1]
- Resolves: rhbz#883777- [RFE] Rebase nspr to 4.9.2 due to Firefox 17 ESR

[4.9.1-6]
- Resolves: rhbz#633519 - pthread_key_t leak and memory corruption

[4.9.1-5]
- Resolves: rhbz#831654 - Fix %post and %postun
- Updated License: to MPLv2.0 per upstream

[4.9.1-4]
- Resolves: rhbz#831654 - Pick up fixes from the rhel-5.8 branch
- Regenerated nspr-config-pc.patch passes the the rpmdiff tests

[4.9.1-3]
- Resolves: rhbz#831654 - restore top section of nspr-config-pc.patch
- Needed to prevent multilib regressions

[4.9.1-2]
- Resolves: rhbz#831654 - revert unwanted changes to nspr.pc
- Change -L at libdir@/nspr4 to -L at libdir@ in the patch

[4.9.1-1]
- Update to NSPR_4_9_1_RTM
- Resolves: rhbz#831654

[4.8.9-1]
- rebuilt

[4.8.9-1]
- Resolves: Bug 772945 - [RFE] Async update nspr to make firefox 10 LTS 
rebase possible
- Update to 4.8.9

[4.8.8-2]
- Bumping the relase tag so it's higher than the one in 5.7-z

[4.8.8-1]
- Update to 4.8.8




More information about the Oraclevm-errata mailing list