Описание
ELSA-2017-2471: spice security update (IMPORTANT)
[0.12.8-2.1]
- Redo build properly versioned as a zstream build Related: CVE-2017-7506
[0.12.8-3]
- Prevent potential buffer/integer overflows with invalid MonitorsConfig messages sent from an authenticated client Resolves: CVE-2017-7506
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
spice-server
0.12.8-2.el7.1
spice-server-devel
0.12.8-2.el7.1
Связанные CVE
Связанные уязвимости
spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.
spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.
spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.
spice versions though 0.13 are vulnerable to out-of-bounds memory acce ...
