qspice-0.3.0-56.AXS3.1
エラータID: AXSA:2013-680:01
Release date:
Monday, November 25, 2013 - 13:41
Subject:
qspice-0.3.0-56.AXS3.1
Affected Channels:
Asianux Server 3 for x86_64
Severity:
High
Description:
The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures.
Security issues fixed with this release:
• CVE-2013-4282
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
Solution:
Update packages.
CVEs:
CVE-2013-4282
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
Additional Info:
N/A
Download:
Asianux Server 3 for x86_64
- qspice-0.3.0-56.AXS3.1.x86_64.rpm
MD5: 0d4222492b0fe660ba5144b35dd04cdd
SHA-256: 9f23869ee41f0fb8bad2d7d0c77131a4cf2b7e5f75fc80236ecad3b211cb3436
Size: 18.41 kB - qspice-libs-0.3.0-56.AXS3.1.x86_64.rpm
MD5: e164af6dc23e5e4a76a614fff54a1cf2
SHA-256: 391c4cbf57f9d6a27acd05c5806ea2f1840d2fa8924e1c7f720e53091d12b50e
Size: 236.62 kB