ELSA-2018-3522

ELSA-2018-3522 - spice-server security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2018-11-08

Description

[0.12.4-16.2]
- Prevent potential buffer/integer overflows with invalid MonitorsConfig messages
sent from an authenticated client
Resolves: CVE-2017-7506

[0.12.4-16.1]
- Fix flexible array buffer overflow
Resolves: rhbz#1596008

Related CVEs

CVE-2017-7506

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory
Oracle Linux 6 (x86_64)	spice-server-0.12.4-16.el6_10.2.src.rpm	33c5ae0c137d04df0f0d8d6aac9094e7	ELSA-2019-0232
	spice-server-0.12.4-16.el6_10.2.x86_64.rpm	923524b2adbc0aa7cbe42654e7f1ec81	ELSA-2019-0232
	spice-server-devel-0.12.4-16.el6_10.2.x86_64.rpm	f07a02ec355cadcacedd778523ac1ca4	ELSA-2019-0232

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team