system environment/libraries

spice-server - Implements the server side of the SPICE protocol

Website: http://www.spice-space.org/
License: LGPLv2+
Vendor: Scientific Linux
Description:
The Simple Protocol for Independent Computing Environments (SPICE) is
a remote display system built for virtual environments which allows
you to view a computing 'desktop' environment not only on the machine
where it is running, but from anywhere on the Internet and from a wide
variety of machine architectures.

This package contains the runtime libraries for any application that wishes
to be a SPICE server.

Packages

spice-server-0.12.4-16.el6_10.3.x86_64 [346 KiB] Changelog by Christophe Fergeau (2019-01-24):
- Fix off-by-one error during guest-to-host memory address conversion
  Resolves: CVE-2019-3813
spice-server-0.12.4-16.el6_10.2.x86_64 [346 KiB] Changelog by Christophe Fergeau (2018-10-15):
- Prevent potential buffer/integer overflows with invalid MonitorsConfig messages
  sent from an authenticated client
  Resolves: CVE-2017-7506
spice-server-0.12.4-16.el6_10.1.x86_64 [346 KiB] Changelog by Frediano Ziglio (2018-08-10):
- Fix flexible array buffer overflow
  Resolves: rhbz#1596008
spice-server-0.12.4-13.el6_8.2.x86_64 [345 KiB] Changelog by Frediano Ziglio (2016-12-09):
- Fix buffer overflow in main_channel_alloc_msg_rcv_buf when reading large
  messages.
  Resolves: CVE-2016-9577
- Fix remote DoS via crafted message.
  Resolves: CVE-2016-9578
spice-server-0.12.4-13.el6.1.x86_64 [345 KiB] Changelog by Christophe Fergeau (2016-04-26):
- Fix heap-based memory corruption within smartcard handling
  Resolves: CVE-2016-0749
- Fix host memory access from guest with invalid primary surface parameters
  Resolves: CVE-2016-2150
spice-server-0.12.4-12.el6_7.3.x86_64 [345 KiB] Changelog by Frediano Ziglio (2015-09-23):
- CVE-2015-5260 CVE-2015-5261 fixed various security flaws
  Resolves: rhbz#1262769
spice-server-0.12.4-12.el6_7.1.x86_64 [344 KiB] Changelog by Christophe Fergeau (2015-07-21):
- Avoid race conditions reading monitor configs from guest. This race could
  trigger memory corruption host-side
  Resolves: rhbz#1239124
spice-server-0.12.4-6.el6.x86_64 [342 KiB] Changelog by Christophe Fergeau (2013-10-14):
- Fix bad error handling in the patch for CVE-2013-4282
  Related: rhbz#999839 (CVE-2013-4282)
spice-server-0.12.0-12.el6_4.5.x86_64 [325 KiB] Changelog by Christophe Fergeau (2013-10-14):
- Fix issue with error-handling of RSA_private_decrypt() in previous patch
  Related: CVE-2013-4282
spice-server-0.12.0-12.el6_4.3.x86_64 [325 KiB] Changelog by Jonathon Jongsma (2013-08-28):
- Fixes an abort on unsafe client ring access
  Resolves: rhbz#986298

Listing created by Repoview-0.6.6-4.el7