Synopsis: Moderate: spice-server security update Advisory ID: SLSA-2013:1192-1 Issue Date: 2013-09-03 CVE Numbers: CVE-2013-4130 -- A flaw was found in the way concurrent access to the clients ring buffer was performed in the spice-server library. A remote user able to initiate a SPICE connection to an application acting as a SPICE server could use this flaw to crash the application. (CVE-2013-4130) Applications acting as a SPICE server must be restarted for this update to take effect. Note that QEMU-KVM guests providing SPICE console access must be restarted for this update to take effect. -- SL6 x86_64 spice-server-0.12.0-12.el6_4.3.x86_64.rpm spice-server-debuginfo-0.12.0-12.el6_4.3.x86_64.rpm spice-server-devel-0.12.0-12.el6_4.3.x86_64.rpm - Scientific Linux Development Team