Synopsis: Important: spice-gtk security update Advisory ID: SLSA-2013:1273-1 Issue Date: 2013-09-19 CVE Numbers: CVE-2013-4324 -- spice-gtk communicated with PolicyKit for authorization via an API that is vulnerable to a race condition. This could lead to intended PolicyKit authorizations being bypassed. This update modifies spice-gtk to communicate with PolicyKit via a different API that is not vulnerable to the race condition. (CVE-2013-4324) -- SL6 x86_64 spice-glib-0.14-7.el6_4.3.i686.rpm spice-glib-0.14-7.el6_4.3.x86_64.rpm spice-gtk-0.14-7.el6_4.3.i686.rpm spice-gtk-0.14-7.el6_4.3.x86_64.rpm spice-gtk-debuginfo-0.14-7.el6_4.3.i686.rpm spice-gtk-debuginfo-0.14-7.el6_4.3.x86_64.rpm spice-gtk-python-0.14-7.el6_4.3.x86_64.rpm spice-glib-devel-0.14-7.el6_4.3.i686.rpm spice-glib-devel-0.14-7.el6_4.3.x86_64.rpm spice-gtk-devel-0.14-7.el6_4.3.i686.rpm spice-gtk-devel-0.14-7.el6_4.3.x86_64.rpm spice-gtk-tools-0.14-7.el6_4.3.x86_64.rpm i386 spice-glib-0.14-7.el6_4.3.i686.rpm spice-gtk-0.14-7.el6_4.3.i686.rpm spice-gtk-debuginfo-0.14-7.el6_4.3.i686.rpm spice-gtk-python-0.14-7.el6_4.3.i686.rpm spice-glib-devel-0.14-7.el6_4.3.i686.rpm spice-gtk-devel-0.14-7.el6_4.3.i686.rpm spice-gtk-tools-0.14-7.el6_4.3.i686.rpm - Scientific Linux Development Team