spice-server security update

2019-01-3100:00:00

linux.oracle.com

0.003 Low

EPSS

Percentile

69.8%

JSON

[0.12.4-16.3]

Fix off-by-one error during guest-to-host memory address conversion
Resolves: CVE-2019-3813
[0.12.4-16.2]
Prevent potential buffer/integer overflows with invalid MonitorsConfig messages
sent from an authenticated client
Resolves: CVE-2017-7506
[0.12.4-16.1]
Fix flexible array buffer overflow
Resolves: rhbz#1596008

OSVersionArchitecturePackageVersionFilename
oracle linux6srcspice-server< 0.12.4-16.el6_10.3spice-server-0.12.4-16.el6_10.3.src.rpm
oracle linux6x86_64spice-server< 0.12.4-16.el6_10.3spice-server-0.12.4-16.el6_10.3.x86_64.rpm
oracle linux6x86_64spice-server-devel< 0.12.4-16.el6_10.3spice-server-devel-0.12.4-16.el6_10.3.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	6	src	spice-server	< 0.12.4-16.el6_10.3	spice-server-0.12.4-16.el6_10.3.src.rpm
oracle linux	6	x86_64	spice-server	< 0.12.4-16.el6_10.3	spice-server-0.12.4-16.el6_10.3.x86_64.rpm
oracle linux	6	x86_64	spice-server-devel	< 0.12.4-16.el6_10.3	spice-server-devel-0.12.4-16.el6_10.3.x86_64.rpm