[Oraclevm-errata] OVMSA-2016-0076 Oracle VM 3.2 perl security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Tue Jun 21 10:10:01 PDT 2016


Oracle VM Security Advisory OVMSA-2016-0076

The following updated rpms for Oracle VM 3.2 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
perl-5.8.8-43.el5_11.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.2/SRPMS-updates/perl-5.8.8-43.el5_11.src.rpm



Description of changes:

[4:5.8.8-43]
- Do not extend allowable epoch values in Time::Local::timelocal to remove
   useless warning on 64-bit platforms (Resolves: rhbz#1149375)

[4:5.8.8-42]
- Fix perl segfaults with custom signal handle (Resolves: rhbz#991854)
- Reorder AnyDBM_File back-end preference (Resolves: rhbz#1018721)
- Fix backslash interpolation in Locale::Maketext (Resolves: rhbz#1029016)
- Enable year 2038 for Time::Local on 64-bit platforms (Resolves: 
rhbz#1057047)

[4:5.8.8-41]
- 800340 - strftime memory leak perl bug (RT#73520)
- Resolves: rhbz#800340

[4:5.8.8-40]
- Fix CVE-2012-5195 heap buffer overrun at repeatcpy (Resolves: rhbz#915691)
- Fix CVE-2012-5526 newline injection due to improper CRLF escaping in
   Set-Cookie and P3P headers (Resolves: rhbz#915691)
- Fix CVE-2012-6329 possible arbitrary code execution via Locale::Maketext
   (Resolves: rhbz#915691)
- Fix CVE-2013-1667 DoS in rehashing code (Resolves: rhbz#915691)

[4:5.8.8-39.el5]
- 848156 - Reverts code of perl-5.8.8-U32019.patch
- Resolves: rhbz#848156




More information about the Oraclevm-errata mailing list