Oracle Linux 6277 Published by

A spice and spice-gtk security update has been released for Oracle Linux 7.



El-errata: ELSA-2020-4187 Important: Oracle Linux 7 spice and spice-gtk security update


Oracle Linux Security Advisory ELSA-2020-4187

  http://linux.oracle.com/errata/ELSA-2020-4187.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
spice-glib-0.35-5.el7_9.1.i686.rpm
spice-glib-0.35-5.el7_9.1.x86_64.rpm
spice-glib-devel-0.35-5.el7_9.1.i686.rpm
spice-glib-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk-tools-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-0.35-5.el7_9.1.i686.rpm
spice-gtk3-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-devel-0.35-5.el7_9.1.i686.rpm
spice-gtk3-devel-0.35-5.el7_9.1.x86_64.rpm
spice-gtk3-vala-0.35-5.el7_9.1.x86_64.rpm
spice-server-0.14.0-9.el7_9.1.x86_64.rpm
spice-server-devel-0.14.0-9.el7_9.1.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/spice-0.14.0-9.el7_9.1.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates/spice-gtk-0.35-5.el7_9.1.src.rpm


Description of changes:

spice
[0.14.0-9.1]
- Fix multiple buffer overflows in QUIC decoding code
Resolves: CVE-2020-14355

spice-gtk
[0.35-5.1]
- Fix multiple buffer overflows in QUIC decoding code
Resolves: CVE-2020-14355