Описание
Security update for spice
This update for spice fixes the following issues:
- CVE-2021-20201: Fixed an issue which could allow clients to cause a denial of service by repeatedly renegotiating a connection (bsc#1181686).
Список пакетов
SUSE Linux Enterprise Micro 5.2
libspice-server1-0.14.3-150300.3.3.1
SUSE Linux Enterprise Module for Server Applications 15 SP3
libspice-server-devel-0.14.3-150300.3.3.1
libspice-server1-0.14.3-150300.3.3.1
openSUSE Leap 15.3
libspice-server-devel-0.14.3-150300.3.3.1
libspice-server1-0.14.3-150300.3.3.1
Ссылки
- Link for SUSE-SU-2022:2881-1
- E-Mail link for SUSE-SU-2022:2881-1
- SUSE Security Ratings
- SUSE Bug 1181686
- SUSE CVE CVE-2021-20201 page
Описание
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection.
Затронутые продукты
SUSE Linux Enterprise Micro 5.2:libspice-server1-0.14.3-150300.3.3.1
SUSE Linux Enterprise Module for Server Applications 15 SP3:libspice-server-devel-0.14.3-150300.3.3.1
SUSE Linux Enterprise Module for Server Applications 15 SP3:libspice-server1-0.14.3-150300.3.3.1
openSUSE Leap 15.3:libspice-server-devel-0.14.3-150300.3.3.1
Ссылки
- CVE-2021-20201
- SUSE Bug 1181686