This security update for spice fixes the following issues:
CVE-2016-9577: A buffer overflow in the spice server could have
potentially been used by unauthenticated attackers to execute arbitrary
code. (bsc#1023078) CVE-2016-9578: Unauthenticated attackers could have
caused a denial of service via a crafted message. (bsc#1023079)