FS#61650 - [spice] [Security] arbitrary code execution (CVE-2019-3813)
Attached to Project:
Arch Linux
Opened by Morten Linderud (Foxboron) - Wednesday, 06 February 2019, 12:14 GMT
Last edited by Jan de Groot (JGC) - Friday, 31 May 2019, 06:49 GMT
Opened by Morten Linderud (Foxboron) - Wednesday, 06 February 2019, 12:14 GMT
Last edited by Jan de Groot (JGC) - Friday, 31 May 2019, 06:49 GMT
|
Details
Summary
======= The package spice is vulnerable to arbitrary code execution via CVE-2019-3813. Guidance ======== Apply the patch from master. References ========== https://security.archlinux.org/AVG-866 https://gitlab.freedesktop.org/spice/spice/commit/a4a16ac42d2f19a17e36556546aa94d5cd83745f https://access.redhat.com/errata/RHSA-2019:0231 |
This task depends upon
Comment by
Anatol Pomozov (anatolik) -
Wednesday, 06 February 2019, 18:15 GMT
spice-0.14.0-3 with the upstream fix is in [testing]. Please
verify it.