Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Errata Announcements for Oracle Linux <el-errata <at> oss.oracle.com>
Subject: ELSA-2013-1473 Important: Oracle Linux 6 spice-server security update
Newsgroups: gmane.linux.oracle.el-errata
Date: Wednesday 30th October 2013 01:07:51 UTC (over 3 years ago)
Oracle Linux Security Advisory ELSA-2013-1473

https://rhn.redhat.com/errata/RHSA-2013-1473.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:


x86_64:
spice-server-0.12.0-12.el6_4.5.x86_64.rpm
spice-server-devel-0.12.0-12.el6_4.5.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/spice-server-0.12.0-12.el6_4.5.src.rpm



Description of changes:

[0.12.0-12.5]
- Fix issue with error-handling of RSA_private_decrypt() in previous patch
   Related: CVE-2013-4282

[0.12.0-12.el6_4.4]
- Fix buffer overflow when decrypting client SPICE ticket
   Resolves: CVE-2013-4282
 
CD: 3ms