Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Errata Announcements for Oracle Linux <el-errata <at> oss.oracle.com>
Subject: ELSA-2013-1474 Important: Oracle Linux 5 qspice security update
Newsgroups: gmane.linux.oracle.el-errata
Date: Wednesday 30th October 2013 03:10:51 UTC (over 3 years ago)
Oracle Linux Security Advisory ELSA-2013-1474

https://rhn.redhat.com/errata/RHSA-2013-1474.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
qspice-libs-0.3.0-56.el5_10.1.x86_64.rpm
qspice-0.3.0-56.el5_10.1.x86_64.rpm
qspice-libs-devel-0.3.0-56.el5_10.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/qspice-0.3.0-56.el5_10.1.src.rpm



Description of changes:

[0.3.0-56.1]
- Fix spice-server crash when client sends a password which is too long
   Resolves: CVE-2013-4282

[0.3.0-56.el5]
- Fix unsafe accesses
   + spice: drop libpng from windows components (537849)
   + libspice: fix unsafe guest data accessing
Resolves: #568720
   + fix unsafe free() call.
Resolves: #568724
   + spice server: fix unsafe cursor items handling.
Resolves: #568720

[0.3.0-55.el5]
- spice: clear client palette caches on migration
Resolves: #599496
 
CD: 3ms