spice-gtk-0.26-8.AXS4.2
エラータID: AXSA:2020-4447:01
リリース日:
2020/02/11 Tuesday - 12:49
題名:
spice-gtk-0.26-8.AXS4.2
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- spice-client には LZ で圧縮されたフレームの処理に複数の整数オーバーフローとバッファオーバーフローが
存在し、悪意のあるサーバがクライアントをクラッシュさせる、あるいは任意のコードを実行する可能性のある
脆弱性があります。(CVE-2018-10893)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2018-10893
Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code.
Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code.
追加情報:
N/A
ダウンロード:
SRPMS
- spice-gtk-0.26-8.AXS4.2.src.rpm
MD5: 55c043bdd88773c630fe03c909b56408
SHA-256: 8a4c7cd9975992b854c8de7853c3bad465a4bf9c5653e5787e0fe1b3b09488c5
Size: 1.29 MB
Asianux Server 4 for x86
- spice-glib-0.26-8.AXS4.2.i686.rpm
MD5: 593fd9728f9c9db45e75f27a2a4614bc
SHA-256: a8f9635bc9f9a1b7ad8ced25dcd55e7f64286d5c1181c6dcdf33800acc5ba17f
Size: 319.89 kB - spice-gtk-0.26-8.AXS4.2.i686.rpm
MD5: a96946be47be8ce844e6475465ec833d
SHA-256: d2ba89a64bb4cb6a832ecef50e052918ba211e37bd0c771364884b4b996a47a6
Size: 69.32 kB - spice-gtk-python-0.26-8.AXS4.2.i686.rpm
MD5: 3096db4687aa515a8a86ebce85561b7f
SHA-256: b3418a16fb950a27974c62e9c482afee7d8a18ad88d992eaf31f1e11ce21b7c7
Size: 26.02 kB
Asianux Server 4 for x86_64
- spice-glib-0.26-8.AXS4.2.x86_64.rpm
MD5: 4489a47f06db16ceeea4fa275b0a3e6a
SHA-256: 7c3c0cd8fe8f6e2d3475b969b58b50b6c7b511f01da5d2a783f7d1c5485b0d8e
Size: 315.88 kB - spice-gtk-0.26-8.AXS4.2.x86_64.rpm
MD5: 5f525ece396a73989521eb6c07f61369
SHA-256: fc8d7c3d7aa817702dcb01b0271f0d70d4d2a9b74b84a8a29770013ac4c8f61d
Size: 69.83 kB - spice-gtk-python-0.26-8.AXS4.2.x86_64.rpm
MD5: ff17f8568515bb99e77b85f3f75c2613
SHA-256: 8c71577ab946b1ec782a44664cecef2648e0214df003438fc1d1cbfae70cd65a
Size: 27.07 kB - spice-glib-0.26-8.AXS4.2.i686.rpm
MD5: 593fd9728f9c9db45e75f27a2a4614bc
SHA-256: a8f9635bc9f9a1b7ad8ced25dcd55e7f64286d5c1181c6dcdf33800acc5ba17f
Size: 319.89 kB - spice-gtk-0.26-8.AXS4.2.i686.rpm
MD5: a96946be47be8ce844e6475465ec833d
SHA-256: d2ba89a64bb4cb6a832ecef50e052918ba211e37bd0c771364884b4b996a47a6
Size: 69.32 kB