SUSE-SU-2015:0884-2

Опубликовано: 02 апр. 2015

Источник: suse-cvrf

Описание

Security update for spice

The remote desktop software SPICE was updated to address one security issue.

The following vulnerabilitiy was fixed:

A stack-based buffer overflow in the password handling code allowed remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket. (bsc#848279, CVE-2013-4282)

Список пакетов

SUSE Linux Enterprise Software Development Kit 12

libspice-server-devel-0.12.4-6.1

Ссылки

https://www.suse.com/support/update/announcement/2015/suse-su-20150884-2/
Link for SUSE-SU-2015:0884-2
https://lists.suse.com/pipermail/sle-security-updates/2015-May/001391.html
E-Mail link for SUSE-SU-2015:0884-2
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/848279
SUSE Bug 848279
https://www.suse.com/security/cve/CVE-2013-4282/
SUSE CVE CVE-2013-4282 page

Описание

Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.

Затронутые продукты

SUSE Linux Enterprise Software Development Kit 12:libspice-server-devel-0.12.4-6.1

Ссылки

https://www.suse.com/security/cve/CVE-2013-4282.html
CVE-2013-4282
https://bugzilla.suse.com/848279
SUSE Bug 848279

SUSE-SU-2015:0884-2

Описание

Список пакетов

SUSE Linux Enterprise Software Development Kit 12

Ссылки

Уязвимость: CVE-2013-4282

Описание

Затронутые продукты

Ссылки