ELSA-2017-0254

ULN >
Oracle Linux Errata repository >
ELSA-2017-0254

ELSA-2017-0254 - spice security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2017-02-05

Description

[0.12.4-20]
- Fix buffer overflow in main_channel_alloc_msg_rcv_buf when reading large
messages.
Resolves: CVE-2016-9577
- Fix remote DoS via crafted message.
Resolves: CVE-2016-9578

Related CVEs

CVE-2016-9577

CVE-2016-9578

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	spice-0.12.4-20.el7_3.src.rpm	62fdc6d9744d0be05c1d70eb1d1be4f2905ecd96ca11081a4ca5c14440d55cd7	ELSA-2020-4187	ol7_x86_64_latest_archive
	spice-0.12.4-20.el7_3.src.rpm	62fdc6d9744d0be05c1d70eb1d1be4f2905ecd96ca11081a4ca5c14440d55cd7	ELSA-2020-4187	ol7_x86_64_optional_archive
	spice-0.12.4-20.el7_3.src.rpm	62fdc6d9744d0be05c1d70eb1d1be4f2905ecd96ca11081a4ca5c14440d55cd7	ELSA-2020-4187	ol7_x86_64_u3_patch
	spice-server-0.12.4-20.el7_3.x86_64.rpm	47a08c56d28a9e0d26cd68e7f956451b68c68d8f2384ef09601eed8b8b6ecda6	ELSA-2020-4187	ol7_x86_64_latest_archive
	spice-server-0.12.4-20.el7_3.x86_64.rpm	47a08c56d28a9e0d26cd68e7f956451b68c68d8f2384ef09601eed8b8b6ecda6	ELSA-2020-4187	ol7_x86_64_u3_patch
	spice-server-devel-0.12.4-20.el7_3.x86_64.rpm	3e7177a0356f0d570c5f710ffca5565cbdb0d74e88f1899ca294b2b135eface4	ELSA-2020-4187	ol7_x86_64_optional_archive

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691