[El-errata] ELSA-2019-0232 Important: Oracle Linux 6 spice-server security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Jan 31 12:17:11 PST 2019
Oracle Linux Security Advisory ELSA-2019-0232
http://linux.oracle.com/errata/ELSA-2019-0232.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
x86_64:
spice-server-0.12.4-16.el6_10.3.x86_64.rpm
spice-server-devel-0.12.4-16.el6_10.3.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/spice-server-0.12.4-16.el6_10.3.src.rpm
Description of changes:
[0.12.4-16.3]
- Fix off-by-one error during guest-to-host memory address conversion
Resolves: CVE-2019-3813
[0.12.4-16.2]
- Prevent potential buffer/integer overflows with invalid MonitorsConfig
messages
sent from an authenticated client
Resolves: CVE-2017-7506
[0.12.4-16.1]
- Fix flexible array buffer overflow
Resolves: rhbz#1596008
More information about the El-errata
mailing list