ELSA-2018-3522

ELSA-2018-3522 - spice-server security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2018-11-08

Description


[0.12.4-16.2]
- Prevent potential buffer/integer overflows with invalid MonitorsConfig messages
sent from an authenticated client
Resolves: CVE-2017-7506

[0.12.4-16.1]
- Fix flexible array buffer overflow
Resolves: rhbz#1596008


Related CVEs


CVE-2017-7506

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (x86_64) spice-server-0.12.4-16.el6_10.2.src.rpm33c5ae0c137d04df0f0d8d6aac9094e7-
spice-server-0.12.4-16.el6_10.2.x86_64.rpm923524b2adbc0aa7cbe42654e7f1ec81-
spice-server-devel-0.12.4-16.el6_10.2.x86_64.rpmf07a02ec355cadcacedd778523ac1ca4-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete