ELSA-2017-0254

ELSA-2017-0254 - spice security update

Type:SECURITY
Severity:MODERATE
Release Date:2017-02-05

Description


[0.12.4-20]
- Fix buffer overflow in main_channel_alloc_msg_rcv_buf when reading large
messages.
Resolves: CVE-2016-9577
- Fix remote DoS via crafted message.
Resolves: CVE-2016-9578


Related CVEs


CVE-2016-9577
CVE-2016-9578

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) spice-0.12.4-20.el7_3.src.rpma2689305ed998e37dad660fe29190fceELSA-2020-4187
spice-server-0.12.4-20.el7_3.x86_64.rpm58b2eb427990f3beb11267c80359457bELSA-2020-4187
spice-server-devel-0.12.4-20.el7_3.x86_64.rpmcdbf438788f20fbae180b6129b4b993aELSA-2020-4187



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete