spice-0.14.3-4.el8
エラータID: AXSA:2021-2114:09
The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures.
Security Fix(es):
* spice: Client initiated renegotiation denial of service (CVE-2021-20201)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2021-20201
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Update packages.
A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection.
N/A
SRPMS
- spice-0.14.3-4.el8.src.rpm
MD5: 0541aafd7e547054c1be642805ef18da
SHA-256: cf2e5f4f4565db69e94583d3e896d5c529d5a3873cef81606eb779acecc480fe
Size: 1.48 MB
Asianux Server 8 for x86_64
- spice-server-0.14.3-4.el8.x86_64.rpm
MD5: 753155aa00da88d951be759f67e0f475
SHA-256: c6a6bd06e73c32fdbbf91db23c1d7ed3fec85953ee899c925973f47bf83873ec
Size: 407.39 kB - spice-server-0.14.3-4.el8.i686.rpm
MD5: e8e448c528b3c147f71eef47ba45a6a9
SHA-256: 939f0d5585f8ce9ba8c9250522c68b7a540b7bbd6368a2721cb98742c4c6815d
Size: 438.28 kB