Synopsis: Important: spice security update
Advisory ID: SLSA-2017:2471-1
Issue Date: 2017-08-15
CVE Numbers: CVE-2017-7506
—
Security Fix(es):
* A vulnerability was discovered in spice server’s protocol handling. An
authenticated attacker could send specially crafted messages to the spice
server, causing out-of-bounds memory accesses, leading to parts of server
memory being leaked or a crash. (CVE-2017-7506)
This issue was discovered by Frediano Ziglio (Red Hat).
—
SL7
x86_64
spice-debuginfo-0.12.8-2.el7.1.x86_64.rpm
spice-server-0.12.8-2.el7.1.x86_64.rpm
spice-server-devel-0.12.8-2.el7.1.x86_64.rpm
– Scientific Linux Development Team
