Sender: |
|
Date: |
Thu, 20 Sep 2012 08:34:55 -0500 |
Reply-To: |
|
Content-Transfer-Encoding: |
7bit |
Subject: |
|
From: |
|
Content-Type: |
text/plain; charset="ISO-8859-1"; format=flowed |
In-Reply-To: |
|
Organization: |
Fermilab |
MIME-Version: |
1.0 |
Parts/Attachments: |
|
|
An update to virt-viewer has been added for all versions as well. This
should resolve any dependency issues related to updating spice-glib on
systems with virt-viewer.
Pat
On 09/17/2012 01:43 PM, Pat Riehecky wrote:
> Synopsis: Moderate: spice-gtk security update
> Issue Date: 2012-09-17
> CVE Numbers: CVE-2012-4425
>
> The spice-gtk packages provide a GIMP Toolkit (GTK+) widget for SPICE
> (Simple Protocol for Independent Computing Environments) clients. Both
> Virtual Machine Manager and Virtual Machine Viewer can make use of this
> widget to access virtual machines using the SPICE protocol.
>
> It was discovered that the spice-gtk setuid helper application,
> spice-client-glib-usb-acl-helper, did not clear the environment variables
> read by the libraries it uses. A local attacker could possibly use this
> flaw to escalate their privileges by setting specific environment
> variables
> before running the helper application. (CVE-2012-4425)
>
> All users of spice-gtk are advised to upgrade to these updated packages,
> which contain a backported patch to correct this issue.
>
> To resolve dependencies gtk2, libcacard, libusb1, and spice-protocol
> have been added to the necessary repositories.
>
>
> SL6
> x86_64
> spice-glib-0.11-11.el6_3.1.i686.rpm
> spice-glib-0.11-11.el6_3.1.x86_64.rpm
> spice-gtk-0.11-11.el6_3.1.i686.rpm
> spice-gtk-0.11-11.el6_3.1.x86_64.rpm
> spice-gtk-python-0.11-11.el6_3.1.x86_64.rpm
> spice-glib-devel-0.11-11.el6_3.1.i686.rpm
> spice-glib-devel-0.11-11.el6_3.1.x86_64.rpm
> spice-gtk-devel-0.11-11.el6_3.1.i686.rpm
> spice-gtk-devel-0.11-11.el6_3.1.x86_64.rpm
> spice-gtk-tools-0.11-11.el6_3.1.x86_64.rpm
>
> Dependencies:
> gtk2-2.18.9-10.el6.i686.rpm
> gtk2-2.18.9-10.el6.x86_64.rpm
> gtk2-devel-2.18.9-10.el6.i686.rpm
> gtk2-devel-2.18.9-10.el6.x86_64.rpm
> gtk2-devel-docs-2.18.9-10.el6.x86_64.rpm
> gtk2-immodules-2.18.9-10.el6.i686.rpm
> gtk2-immodules-2.18.9-10.el6.x86_64.rpm
> gtk2-immodule-xim-2.18.9-10.el6.i686.rpm
> gtk2-immodule-xim-2.18.9-10.el6.x86_64.rpm
> libcacard-0.15.0-2.el6.i686.rpm
> libcacard-0.15.0-2.el6.x86_64.rpm
> libcacard-devel-0.15.0-2.el6.i686.rpm
> libcacard-devel-0.15.0-2.el6.x86_64.rpm
> libcacard-tools-0.15.0-2.el6.x86_64.rpm
> libusb1-1.0.9-0.5.rc1.el6.i686.rpm
> libusb1-1.0.9-0.5.rc1.el6.x86_64.rpm
> libusb1-devel-1.0.9-0.5.rc1.el6.i686.rpm
> libusb1-devel-1.0.9-0.5.rc1.el6.x86_64.rpm
> libusb1-static-1.0.9-0.5.rc1.el6.x86_64.rpm
> spice-protocol-0.10.1-5.el6.noarch.rpm
>
> i386
> spice-glib-0.11-11.el6_3.1.i686.rpm
> spice-gtk-0.11-11.el6_3.1.i686.rpm
> spice-gtk-python-0.11-11.el6_3.1.i686.rpm
> spice-glib-devel-0.11-11.el6_3.1.i686.rpm
> spice-gtk-devel-0.11-11.el6_3.1.i686.rpm
> spice-gtk-tools-0.11-11.el6_3.1.i686.rpm
>
> Dependencies:
> gtk2-2.18.9-10.el6.i686.rpm
> gtk2-devel-2.18.9-10.el6.i686.rpm
> gtk2-devel-docs-2.18.9-10.el6.i686.rpm
> gtk2-immodules-2.18.9-10.el6.i686.rpm
> gtk2-immodule-xim-2.18.9-10.el6.i686.rpm
> libcacard-0.15.0-2.el6.i686.rpm
> libcacard-devel-0.15.0-2.el6.i686.rpm
> libcacard-tools-0.15.0-2.el6.i686.rpm
> libusb1-1.0.9-0.5.rc1.el6.i686.rpm
> libusb1-devel-1.0.9-0.5.rc1.el6.i686.rpm
> libusb1-static-1.0.9-0.5.rc1.el6.i686.rpm
> spice-protocol-0.10.1-5.el6.noarch.rpm
>
> - Scientific Linux Development Team
--
Pat Riehecky
Scientific Linux Developer
|
|
|