Joined: 12 May 2004
|Posted: Thu Jun 16, 2016 7:26 pm Post subject: [ GLSA 201606-05 ] spice
|Gentoo Linux Security Advisory
Title: spice: Multiple vulnerabilities (GLSA 201606-05)
Exploitable: local, remote
Date: June 16, 2016
Bug(s): #560006, #562890, #584126
Multiple vulnerabilities have been found in spice, the worst of
which may result in the remote execution of arbitrary code.
Provides a complete open source solution for remote access to virtual
machines in a seamless way so you can play videos, record audio, share
usb devices and share folders without complications.
Vulnerable: < 0.12.7-r1
Unaffected: >= 0.12.7-r1
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in spice, please review
the CVE identifiers referenced below for details.
A remote attacker could possibly execute arbitrary code. Additionally, a
local attacker could cause a Denial of Service.
There is no known workaround at this time.
All spice users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/spice-0.12.7-r1"