Security update for spice (important)

ID SUSE-SU-2015:0884-2
Type suse
Reporter Suse
Modified 2015-05-16T01:04:53


The remote desktop software SPICE was updated to address one security issue.

The following vulnerabilitiy was fixed:

  • A stack-based buffer overflow in the password handling code allowed remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket. (bsc#848279, CVE-2013-4282)