Описание
ELSA-2021-1924: spice security update (LOW)
[0.14.3-4]
- Disable client-side renegotiation to prevent potential DoS Resolves: rhbz#1904459
[0.14.3-3]
- Fix some static analyzer issues
- Removed Obsoletes line for spice-client Related: rhbz#1840240
[0.14.3-2]
- Fix multiple buffer overflows in QUIC decoding code Resolves: rhbz#1829946
[0.14.3-1]
- Update to 0.14.3 Revolves: rhbz#1840240
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
spice-server
0.14.3-4.el8
spice-server-devel
0.14.3-4.el8
Oracle Linux x86_64
spice-server
0.14.3-4.el8
spice-server-devel
0.14.3-4.el8
Связанные CVE
Связанные уязвимости
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection.
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection.
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection.
A flaw was found in spice in versions before 0.14.92. A DoS tool might ...
