[Oraclevm-errata] OVMSA-2016-0076 Oracle VM 3.2 perl security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Tue Jun 21 10:10:01 PDT 2016
Oracle VM Security Advisory OVMSA-2016-0076
The following updated rpms for Oracle VM 3.2 have been uploaded to the
Unbreakable Linux Network:
x86_64:
perl-5.8.8-43.el5_11.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.2/SRPMS-updates/perl-5.8.8-43.el5_11.src.rpm
Description of changes:
[4:5.8.8-43]
- Do not extend allowable epoch values in Time::Local::timelocal to remove
useless warning on 64-bit platforms (Resolves: rhbz#1149375)
[4:5.8.8-42]
- Fix perl segfaults with custom signal handle (Resolves: rhbz#991854)
- Reorder AnyDBM_File back-end preference (Resolves: rhbz#1018721)
- Fix backslash interpolation in Locale::Maketext (Resolves: rhbz#1029016)
- Enable year 2038 for Time::Local on 64-bit platforms (Resolves:
rhbz#1057047)
[4:5.8.8-41]
- 800340 - strftime memory leak perl bug (RT#73520)
- Resolves: rhbz#800340
[4:5.8.8-40]
- Fix CVE-2012-5195 heap buffer overrun at repeatcpy (Resolves: rhbz#915691)
- Fix CVE-2012-5526 newline injection due to improper CRLF escaping in
Set-Cookie and P3P headers (Resolves: rhbz#915691)
- Fix CVE-2012-6329 possible arbitrary code execution via Locale::Maketext
(Resolves: rhbz#915691)
- Fix CVE-2013-1667 DoS in rehashing code (Resolves: rhbz#915691)
[4:5.8.8-39.el5]
- 848156 - Reverts code of perl-5.8.8-U32019.patch
- Resolves: rhbz#848156
More information about the Oraclevm-errata
mailing list