ELSA-2019-0232 - spice-server security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2019-01-31 |
Description
[0.12.4-16.3]
- Fix off-by-one error during guest-to-host memory address conversion
Resolves: CVE-2019-3813
[0.12.4-16.2]
- Prevent potential buffer/integer overflows with invalid MonitorsConfig messages
sent from an authenticated client
Resolves: CVE-2017-7506
[0.12.4-16.1]
- Fix flexible array buffer overflow
Resolves: rhbz#1596008
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 6 (x86_64) | spice-server-0.12.4-16.el6_10.3.src.rpm | 6b8b6d4c8bdcb5c32d9c5194a47d6366 | - |
| spice-server-0.12.4-16.el6_10.3.x86_64.rpm | 0de0c78e09dcf5925081a7b56d1f279e | - |
| spice-server-devel-0.12.4-16.el6_10.3.x86_64.rpm | c69952685d262cc64db9bcee58ca02cb | - |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
