SUSE-SU-2018:0877-1 -- SLES spice-gtk, libspice, typelibID: oval:org.secpod.oval:def:89002059 | Date: (C)2021-02-26 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for spice-gtk fixes the following issues: - CVE-2017-12194: A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client. spice-gtk versions through 0.34 are believed to be vulnerable
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
Product: |
spice-gtk |
libspice |
typelib |