Nom du paquet
spice
Date
2013-08-23
Advisory ID
MDVSA-2013:217
Affected versions
MBS1 x86_64

Problem description

Updated spice packages fix security vulnerability:

An user able to initiate spice connection to the guest could use a
flaw in server/red_channel.c to crash the guest (CVE-2013-4130).

Updated packages

MBS1 x86_64

 d258ed3fef4351d03632bff3db3f813a  mbs1/x86_64/lib64spice-server1-0.12.2-5.1.mbs1.x86_64.rpm
 364d3dc81e024d84432041feea874837  mbs1/x86_64/lib64spice-server-devel-0.12.2-5.1.mbs1.x86_64.rpm
 eef567111d93c6cc3b5de415b0b72fb4  mbs1/x86_64/spice-client-0.12.2-5.1.mbs1.x86_64.rpm 
 19c6cea05e9869b346af175b87c308ba  mbs1/SRPMS/spice-0.12.2-5.1.mbs1.src.rpm

References