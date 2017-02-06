Login
Login-Name Passwort

Noch kein Login?
Daten vergessen?

 
Newsletter
Werbung
Sicherheit: Zwei Probleme in spice
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in spice
ID: SUSE-SU-2017:0392-1
Distribution: SUSE
Plattformen: SUSE Linux Enterprise Desktop 12-SP2, SUSE Linux Enterprise Software Development Kit 12-SP2, SUSE Linux Enterprise Server 12-SP2
Datum: Mo, 6. Februar 2017, 16:51
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9577
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9578

Originalnachricht

 
   SUSE Security Update: Security update for spice
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:0392-1
Rating:             important
References:         #1023078 #1023079 
Cross-References:   CVE-2016-9577 CVE-2016-9578
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12-SP2
                    SUSE Linux Enterprise Server 12-SP2
                    SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:


   This security update for spice fixes the following issues:

   CVE-2016-9577: A buffer overflow in the spice server could have
   potentially been used by unauthenticated attackers to execute arbitrary
   code. (bsc#1023078) CVE-2016-9578: Unauthenticated attackers could have
   caused a denial of service via a crafted message. (bsc#1023079)


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 12-SP2:

      zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-200=1

   - SUSE Linux Enterprise Server 12-SP2:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-200=1

   - SUSE Linux Enterprise Desktop 12-SP2:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-200=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 12-SP2 (x86_64):

      libspice-server-devel-0.12.7-8.1
      spice-debugsource-0.12.7-8.1

   - SUSE Linux Enterprise Server 12-SP2 (x86_64):

      libspice-server1-0.12.7-8.1
      libspice-server1-debuginfo-0.12.7-8.1
      spice-debugsource-0.12.7-8.1

   - SUSE Linux Enterprise Desktop 12-SP2 (x86_64):

      libspice-server1-0.12.7-8.1
      libspice-server1-debuginfo-0.12.7-8.1
      spice-debugsource-0.12.7-8.1


References:

   https://www.suse.com/security/cve/CVE-2016-9577.html
   https://www.suse.com/security/cve/CVE-2016-9578.html
   https://bugzilla.suse.com/1023078
   https://bugzilla.suse.com/1023079

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Twitter
Neue Nachrichten

2
GUUG-F­rüh­jahrs­fach­ge­spräch im März in Darm­stadt

0
glibc 2.25 frei­ge­ge­ben

0
Tails 3.0 nur noch mit 64-Bit

3
Letz­te Phase zur Ver­öf­fent­li­chung von De­bi­an 9 »S­tret­ch« ein­ge­lei­tet

4
Hit­a­chi wird Pla­tin-Mit­glied der Linux Foun­da­ti­on

9
»Hum­ble Book Bund­le: Hacks« an­ge­kün­digt

16
Me­di­a-Cen­ter-Soft­ware Kodi 17 ver­öf­fent­licht

10
Die ver­blei­ben­den Hür­den auf dem Weg zu Gimp 2.10

8
De­bi­an-In­stal­ler 9.0 RC2 ver­öf­fent­licht

0
Pa­cke­tFence 6.5.0 er­schie­nen
 
Werbung