[Oraclevm-errata] OVMSA-2016-0076 Oracle VM 3.2 perl security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Tue Jun 21 10:10:01 PDT 2016

Oracle VM Security Advisory OVMSA-2016-0076

The following updated rpms for Oracle VM 3.2 have been uploaded to the 
Unbreakable Linux Network:



Description of changes:

- Do not extend allowable epoch values in Time::Local::timelocal to remove
   useless warning on 64-bit platforms (Resolves: rhbz#1149375)

- Fix perl segfaults with custom signal handle (Resolves: rhbz#991854)
- Reorder AnyDBM_File back-end preference (Resolves: rhbz#1018721)
- Fix backslash interpolation in Locale::Maketext (Resolves: rhbz#1029016)
- Enable year 2038 for Time::Local on 64-bit platforms (Resolves: 

- 800340 - strftime memory leak perl bug (RT#73520)
- Resolves: rhbz#800340

- Fix CVE-2012-5195 heap buffer overrun at repeatcpy (Resolves: rhbz#915691)
- Fix CVE-2012-5526 newline injection due to improper CRLF escaping in
   Set-Cookie and P3P headers (Resolves: rhbz#915691)
- Fix CVE-2012-6329 possible arbitrary code execution via Locale::Maketext
   (Resolves: rhbz#915691)
- Fix CVE-2013-1667 DoS in rehashing code (Resolves: rhbz#915691)

- 848156 - Reverts code of perl-5.8.8-U32019.patch
- Resolves: rhbz#848156

More information about the Oraclevm-errata mailing list