File _patchinfo of Package patchinfo.1097

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.1097

<patchinfo incident="1097">
  <packager>cbosdonnat</packager>
  <issue tracker="bnc" id="944460">VUL-0: CVE-2015-3247 spice: memory corruption in worker_update_monitors_config()</issue>
  <issue tracker="bnc" id="948976">VUL-0: CVE-2015-5261 spice: host memory access from guest using crafted images</issue>
  <issue tracker="bnc" id="944460">VUL-0: CVE-2015-5260: spice: Insufficient validation of surface_id parameter can cause crash</issue>
  <issue tracker="cve" id="CVE-2015-3247"></issue>
  <issue tracker="cve" id="CVE-2015-5260"></issue>
  <issue tracker="cve" id="CVE-2015-5261"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>Security update for spice</summary>
  <description>Spice was updated to fix three security issues.
    
The following vulnerabilities were fixed:  
* CVE-2015-3247: heap corruption in the spice server (bsc#944460)
* CVE-2015-5261: Guest could have accessed host memory using crafted images (bsc#948976)
* CVE-2015-5260: Insufficient validation of surface_id parameter could have caused a crash (bsc#944460)
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.1097

Places