qspice-0.3.0-54.AXS3.2
エラータID: AXSA:2010-422:03
The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures.
Security issues fixed with this release:
CVE-2010-0428
CVE-2010-0429
No description available at the time of writing, see the links below.
Fixed bugs:
- Fixed unsafe accesses
+ spice: drop libpng from windows components
+ libspice: fix unsafe guest data accessing
+ fix unsafe free() call.
+ spice server: fix unsafe cursor items handling.
Update packages.
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service (invalid pointer dereference and guest OS crash) or possibly gain privileges via unspecified vectors.
libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
N/A
SRPMS
- qspice-0.3.0-54.AXS3.2.src.rpm
MD5: 448c8f2ac24b22b0304820768590c41e
SHA-256: 038aabadd7381550d8cca868c674191718cb0c36ded2963b5ae2f0b3f4cbc45d
Size: 488.98 kB
Asianux Server 3 for x86_64
- qspice-0.3.0-54.AXS3.2.x86_64.rpm
MD5: dc52f7a02f2952c1d84ae7c8a4db4eb4
SHA-256: 235c6a21b97d744df49d559f2af4562f25382f325354cbcb6f5842016c74f822
Size: 18.27 kB - qspice-libs-0.3.0-54.AXS3.2.x86_64.rpm
MD5: 401154a35d86623b5f39d0e875bf4a3b
SHA-256: afe520f1c968ce18c5c904abaa18fd000873ff2ecc640213c60aaed611cf9597
Size: 236.30 kB
日本語