ELSA-2013-1474 - qspice security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2013-10-29 |
Description
[0.3.0-56.1]
- Fix spice-server crash when client sends a password which is too long
Resolves: CVE-2013-4282
[0.3.0-56.el5]
- Fix unsafe accesses
+ spice: drop libpng from windows components (537849)
+ libspice: fix unsafe guest data accessing
Resolves: #568720
+ fix unsafe free() call.
Resolves: #568724
+ spice server: fix unsafe cursor items handling.
Resolves: #568720
[0.3.0-55.el5]
- spice: clear client palette caches on migration
Resolves: #599496
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 5 (x86_64) | qspice-0.3.0-56.el5_10.1.src.rpm | bc87fd0255412e91ec7652d4733f7cbb | - |
| qspice-0.3.0-56.el5_10.1.x86_64.rpm | ea845efc6cec48bee6a5e776e03b387b | - |
| qspice-libs-0.3.0-56.el5_10.1.x86_64.rpm | aec998741aae492357d051ec079c02a4 | - |
| qspice-libs-devel-0.3.0-56.el5_10.1.x86_64.rpm | a3dc99d6c4cdea39efe381f428414317 | - |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
