Synopsis:	Important: qspice security update
Issue date:	2010-08-19
CVE Names:	CVE-2010-0428 CVE-2010-0429

It was found that the libspice component of QEMU-KVM on the host did not
validate all pointers provided from a guest system's QXL graphics card
driver. A privileged guest user could use this flaw to cause the host to
dereference an invalid pointer, causing the guest to crash (denial of
service) or, possibly, resulting in the privileged guest user escalating
their privileges on the host. (CVE-2010-0428)

It was found that the libspice component of QEMU-KVM on the host could 
be forced to perform certain memory management operations on memory 
addresses controlled by a guest. A privileged guest user could use this 
flaw to crash the guest (denial of service) or, possibly, escalate their 
privileges on the host. (CVE-2010-0429)

SL 5.x

     SRPMS:
qspice-0.3.0-54.el5_5.2.src.rpm
     x86_64:
qspice-0.3.0-54.el5_5.2.x86_64.rpm
qspice-libs-0.3.0-54.el5_5.2.x86_64.rpm
qspice-libs-devel-0.3.0-54.el5_5.2.x86_64.rpm

-Connie Sieh
-Troy Dawson