OracleVM 2.1 : libtiff (OVMSA-2009-0027)
High Nessus Plugin ID 79467
SynopsisThe remote OracleVM host is missing one or more security updates.
DescriptionThe remote OracleVM system is missing necessary patches to address critical security updates :
- Fix buffer overrun risks caused by unchecked integer overflow (CVE-2009-2347) Resolves: #507725
- Fix some more LZW decoding vulnerabilities (CVE-2009-2285) Resolves: #507725
- Update upstream URL
- Use -fno-strict-aliasing per rpmdiff recommendation
- Fix LZW decoding vulnerabilities (CVE-2008-2327) Resolves: #458812
- Remove sgi2tiff.1 and tiffsv.1, since they are for programs we don't ship Resolves: #460120
SolutionUpdate the affected libtiff / libtiff-devel packages.