Oval Definition:oval:com.redhat.rhsa:def:20090011
Revision Date:2009-01-07Version:642
Title:RHSA-2009:0011: lcms security update (Moderate)
Description:Little Color Management System (LittleCMS, or simply "lcms") is a small-footprint, speed-optimized open source color management engine.

  • Multiple insufficient input validation flaws were discovered in LittleCMS. An attacker could use these flaws to create a specially-crafted image file which could cause an application using LittleCMS to crash, or, possibly, execute arbitrary code when opened. (CVE-2008-5316, CVE-2008-5317)

    Users of lcms should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications using lcms library must be restarted for the update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2008-5316
    CVE-2008-5317
    RHSA-2009:0011
    RHSA-2009:0011-01
    RHSA-2009:0011-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • lcms is earlier than 0:1.15-1.2.2.el5_2.2
  • AND lcms is signed with Red Hat redhatrelease2 key
  • lcms-devel is earlier than 0:1.15-1.2.2.el5_2.2
  • AND lcms-devel is signed with Red Hat redhatrelease2 key
  • python-lcms is earlier than 0:1.15-1.2.2.el5_2.2
  • AND python-lcms is signed with Red Hat redhatrelease2 key
    • BACK