ID CVE-2019-3813
Summary Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.
References
Vulnerable Configurations
  • Spice Project SPICE 0.5.2
    cpe:2.3:a:spice_project:spice:0.5.2
  • Spice Project SPICE 0.5.3
    cpe:2.3:a:spice_project:spice:0.5.3
  • Spice Project SPICE 0.6.0
    cpe:2.3:a:spice_project:spice:0.6.0
  • Spice Project SPICE 0.6.1
    cpe:2.3:a:spice_project:spice:0.6.1
  • Spice Project SPICE 0.6.2
    cpe:2.3:a:spice_project:spice:0.6.2
  • Spice Project SPICE 0.6.3
    cpe:2.3:a:spice_project:spice:0.6.3
  • Spice Project SPICE 0.6.4
    cpe:2.3:a:spice_project:spice:0.6.4
  • Spice Project SPICE 0.7.0
    cpe:2.3:a:spice_project:spice:0.7.0
  • Spice Project SPICE 0.7.1
    cpe:2.3:a:spice_project:spice:0.7.1
  • Spice Project SPICE 0.7.2
    cpe:2.3:a:spice_project:spice:0.7.2
  • Spice Project SPICE 0.7.3
    cpe:2.3:a:spice_project:spice:0.7.3
  • Spice Project SPICE 0.8.0
    cpe:2.3:a:spice_project:spice:0.8.0
  • Spice Project SPICE 0.8.1
    cpe:2.3:a:spice_project:spice:0.8.1
  • Spice Project SPICE 0.8.2
    cpe:2.3:a:spice_project:spice:0.8.2
  • Spice Project SPICE 0.8.3
    cpe:2.3:a:spice_project:spice:0.8.3
  • Spice Project SPICE 0.9.0
    cpe:2.3:a:spice_project:spice:0.9.0
  • Spice Project SPICE 0.9.1
    cpe:2.3:a:spice_project:spice:0.9.1
  • Spice Project SPICE 0.10.0
    cpe:2.3:a:spice_project:spice:0.10.0
  • Spice Project SPICE 0.10.1
    cpe:2.3:a:spice_project:spice:0.10.1
  • Spice Project SPICE 0.11.0
    cpe:2.3:a:spice_project:spice:0.11.0
  • Spice Project SPICE 0.11.3
    cpe:2.3:a:spice_project:spice:0.11.3
  • Spice Project SPICE 0.12.0
    cpe:2.3:a:spice_project:spice:0.12.0
  • Spice Project SPICE 0.12.2
    cpe:2.3:a:spice_project:spice:0.12.2
  • Spice Project SPICE 0.12.3
    cpe:2.3:a:spice_project:spice:0.12.3
  • Spice Project SPICE 0.12.4
    cpe:2.3:a:spice_project:spice:0.12.4
  • Red Hat Enterprise Linux Desktop 6.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
  • RedHat Enterprise Linux Desktop 7.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  • Red Hat Enterprise Linux Server 6.0
    cpe:2.3:o:redhat:enterprise_linux_server:6.0
  • RedHat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6
  • Red Hat Enterprise Linux Server Telecommunications Update Service (TUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
  • Red Hat Enterprise Linux Workstation 6.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
  • RedHat Enterprise Linux Workstation 7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
  • Red Hat Virtualization 4.0
    cpe:2.3:o:redhat:virtualization:4.0
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian Linux 9.0
    cpe:2.3:o:debian:debian_linux:9.0
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 16.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts
  • Canonical Ubuntu Linux 18.04 LTS Edition
    cpe:2.3:o:canonical:ubuntu_linux:18.04:-:-:-:lts
  • Canonical Ubuntu Linux 18.10
    cpe:2.3:o:canonical:ubuntu_linux:18.10
CVSS
Base: 5.4
Impact:
Exploitability:
CWE CWE-125
CAPEC
  • Overread Buffers
    An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
nessus via4
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20190131_SPICE_SERVER_ON_SL6_X.NASL
    description Security Fix(es) : - spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813)
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121535
    published 2019-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121535
    title Scientific Linux Security Update : spice-server on SL6.x x86_64
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2019-167.NASL
    description This update for spice fixes the following issues : Security issue fixed : - CVE-2019-3813: Fixed a out-of-bounds read in the memslot_get_virt function that could lead to denial-of-service or code-execution (bsc#1122706). Non-security issue fixed : - Include spice-server tweak to compensate for performance issues with Windows guests (bsc#1109044). This update was imported from the SUSE:SLE-15:Update update project.
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 122180
    published 2019-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122180
    title openSUSE Security Update : spice (openSUSE-2019-167)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2019-0241-1.NASL
    description This update for spice fixes the following issues : Security issue fixed : CVE-2019-3813: Fixed a out-of-bounds read in the memslot_get_virt function that could lead to denial-of-service or code-execution (bsc#1122706). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121614
    published 2019-02-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121614
    title SUSE SLED12 / SLES12 Security Update : spice (SUSE-SU-2019:0241-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2019-A095A16C47.NASL
    description Fixes CVE-2019-3813 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 122079
    published 2019-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122079
    title Fedora 29 : spice (2019-a095a16c47)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2019-0232.NASL
    description An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Security Fix(es) : * spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Christophe Fergeau (Red Hat).
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121530
    published 2019-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121530
    title RHEL 6 : spice-server (RHSA-2019:0232)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2019-0231-1.NASL
    description This update for spice fixes the following issues : Security issue fixed : CVE-2019-3813: Fixed a out-of-bounds read in the memslot_get_virt function that could lead to denial-of-service or code-execution (bsc#1122706). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121613
    published 2019-02-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121613
    title SUSE SLES12 Security Update : spice (SUSE-SU-2019:0231-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3870-1.NASL
    description Christophe Fergeau discovered that Spice incorrectly handled memory. A remote attacker could use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121432
    published 2019-01-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121432
    title Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : spice vulnerability (USN-3870-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2019-0229-1.NASL
    description This update for spice fixes the following issues : Security issue fixed : CVE-2019-3813: Fixed a out-of-bounds read in the memslot_get_virt function that could lead to denial-of-service or code-execution (bsc#1122706). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121611
    published 2019-02-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121611
    title SUSE SLES12 Security Update : spice (SUSE-SU-2019:0229-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-1649.NASL
    description Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary code. For Debian 8 'Jessie', this problem has been fixed in version 0.12.5-1+deb8u7. We recommend that you upgrade your spice packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121481
    published 2019-01-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121481
    title Debian DLA-1649-1 : spice security update
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2019-0231.NASL
    description From Red Hat Security Advisory 2019:0231 : An update for spice is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Security Fix(es) : * spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Christophe Fergeau (Red Hat).
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121525
    published 2019-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121525
    title Oracle Linux 7 : spice (ELSA-2019-0231)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20190131_SPICE_ON_SL7_X.NASL
    description Security Fix(es) : - spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813)
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121534
    published 2019-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121534
    title Scientific Linux Security Update : spice on SL7.x x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2019-0232.NASL
    description An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Security Fix(es) : * spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Christophe Fergeau (Red Hat).
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 122063
    published 2019-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122063
    title CentOS 6 : spice-server (CESA-2019:0232)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2019-0231.NASL
    description An update for spice is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Security Fix(es) : * spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Christophe Fergeau (Red Hat).
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 122062
    published 2019-02-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122062
    title CentOS 7 : spice (CESA-2019:0231)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2019-176.NASL
    description This update for spice fixes the following issues : Security issue fixed : - CVE-2019-3813: Fixed a out-of-bounds read in the memslot_get_virt function that could lead to denial-of-service or code-execution (bsc#1122706). This update was imported from the SUSE:SLE-12-SP3:Update update project.
    last seen 2019-02-21
    modified 2019-02-15
    plugin id 122223
    published 2019-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122223
    title openSUSE Security Update : spice (openSUSE-2019-176)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2019-0232.NASL
    description From Red Hat Security Advisory 2019:0232 : An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Security Fix(es) : * spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Christophe Fergeau (Red Hat).
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121526
    published 2019-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121526
    title Oracle Linux 6 : spice-server (ELSA-2019-0232)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2019-13943-1.NASL
    description This update for spice fixes the following issues : Security issue fixed : CVE-2019-3813: Fixed an out-of-bounds read in the memslot_get_virt function that could lead to denial-of-service or code-execution (bsc#1122706). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-08
    plugin id 122051
    published 2019-02-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122051
    title SUSE SLES11 Security Update : spice (SUSE-SU-2019:13943-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2019-0230-1.NASL
    description This update for spice fixes the following issues : Security issue fixed : CVE-2019-3813: Fixed a out-of-bounds read in the memslot_get_virt function that could lead to denial-of-service or code-execution (bsc#1122706). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121612
    published 2019-02-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121612
    title SUSE SLES12 Security Update : spice (SUSE-SU-2019:0230-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2019-0242-1.NASL
    description This update for spice fixes the following issues : Security issue fixed : CVE-2019-3813: Fixed a out-of-bounds read in the memslot_get_virt function that could lead to denial-of-service or code-execution (bsc#1122706). Non-security issue fixed: Include spice-server tweak to compensate for performance issues with Windows guests (bsc#1109044). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121615
    published 2019-02-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121615
    title SUSE SLES15 Security Update : spice (SUSE-SU-2019:0242-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-4375.NASL
    description Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary code.
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121438
    published 2019-01-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121438
    title Debian DSA-4375-1 : spice - security update
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2019-0231.NASL
    description An update for spice is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Security Fix(es) : * spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. This issue was discovered by Christophe Fergeau (Red Hat).
    last seen 2019-02-21
    modified 2019-02-06
    plugin id 121529
    published 2019-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121529
    title RHEL 7 : spice (RHSA-2019:0231)
redhat via4
advisories
  • bugzilla
    id 1665371
    title CVE-2019-3813 spice: Off-by-one error in array access in spice/server/memslot.c
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment spice-server is earlier than 0:0.14.0-6.el7_6.1
          oval oval:com.redhat.rhsa:tst:20190231005
        • comment spice-server is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131192006
      • AND
        • comment spice-server-devel is earlier than 0:0.14.0-6.el7_6.1
          oval oval:com.redhat.rhsa:tst:20190231007
        • comment spice-server-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20131192008
    rhsa
    id RHSA-2019:0231
    released 2019-01-31
    severity Important
    title RHSA-2019:0231: spice security update (Important)
  • bugzilla
    id 1665371
    title CVE-2019-3813 spice: Off-by-one error in array access in spice/server/memslot.c
    oval
    AND
    • comment spice-server is earlier than 0:0.12.4-16.el6_10.3
      oval oval:com.redhat.rhsa:tst:20190232005
    • comment spice-server is signed with Red Hat redhatrelease2 key
      oval oval:com.redhat.rhsa:tst:20131192006
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    rhsa
    id RHSA-2019:0232
    released 2019-01-31
    severity Important
    title RHSA-2019:0232: spice-server security update (Important)
  • rhsa
    id RHSA-2019:0457
rpms
  • spice-server-0:0.14.0-6.el7_6.1
  • spice-server-devel-0:0.14.0-6.el7_6.1
  • spice-server-0:0.12.4-16.el6_10.3
refmap via4
bid 106801
confirm https://bugzilla.redhat.com/show_bug.cgi?id=1665371
debian DSA-4375
mlist [debian-lts-announce] 20190130 [SECURITY] [DLA 1649-1] spice security update
ubuntu USN-3870-1
Last major update 04-02-2019 - 13:29
Published 04-02-2019 - 13:29
Last modified 08-03-2019 - 13:42
Back to Top