[Oraclevm-errata] OVMSA-2017-0048 Moderate: Oracle VM 3.3 openjpeg security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Wed Mar 22 11:03:22 PDT 2017
Oracle VM Security Advisory OVMSA-2017-0048
The following updated rpms for Oracle VM 3.3 have been uploaded to the
Unbreakable Linux Network:
x86_64:
openjpeg-libs-1.3-16.el6_8.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/openjpeg-1.3-16.el6_8.src.rpm
Description of changes:
[1.3-16]
- Revert previous changes in patch for CVE-2016-5159
- Fix double free in patch for CVE-2016-5139
- Fix memory leaks and invalid read in cio_bytein
Related: #1419775
[1.3-15]
- Add two more allocation checks to patch for CVE-2016-5159
Related: #1419775
[1.3-14]
- Add patches for CVE-2016-5139, CVE-2016-5158, CVE-2016-5159
Related: #1419775
[1.3-13]
- Fix patch name: CVE-2016-9675 => CVE-2016-7163
Related: #1419775
[1.3-12]
- Add patch for CVE-2016-9675
- Fix Coverity issues
Resolves: #1419775
[1.3-11]
- Fix for CVE-2013-6045 breaks decoding of chroma-subsampled
Resolves: 1047494
[1.3-10]
- Apply patch for CVE-2013-6054 CVE-2013-1447 CVE-2013-6045 CVE-2013-6052
Resolves: #1038987 CVE-2013-6054 CVE-2013-1447 CVE-2013-6045 CVE-2013-6052
More information about the Oraclevm-errata
mailing list