Описание
ELSA-2013-1474: qspice security update (IMPORTANT)
[0.3.0-56.1]
- Fix spice-server crash when client sends a password which is too long Resolves: CVE-2013-4282
[0.3.0-56.el5]
- Fix unsafe accesses
- spice: drop libpng from windows components (537849)
- libspice: fix unsafe guest data accessing Resolves: #568720
- fix unsafe free() call. Resolves: #568724
- spice server: fix unsafe cursor items handling. Resolves: #568720
[0.3.0-55.el5]
- spice: clear client palette caches on migration Resolves: #599496
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
qspice
0.3.0-56.el5_10.1
qspice-libs
0.3.0-56.el5_10.1
qspice-libs-devel
0.3.0-56.el5_10.1
Связанные CVE
Связанные уязвимости
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
Stack-based buffer overflow in the reds_handle_ticket function in serv ...
