FEDORA-2021-510977db25 created by victortoso 10 months ago for Fedora 32
stable

Update to spice-vdagent 0.21.0: security fixes: CVE-2020-25650, CVE-2020-25651, CVE-2020-25652, CVE-2020-25653

How to install

sudo dnf upgrade --advisory=FEDORA-2021-510977db25

This update has been submitted for testing by victortoso.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update's test gating status has been changed to 'waiting'.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update has been pushed to testing.

10 months ago
User Icon pwalter commented & provided feedback 10 months ago
karma

Works

This update can be pushed to stable now if the maintainer wishes

10 months ago

This update has been submitted for stable by bodhi.

10 months ago

This update has been pushed to stable.

10 months ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
10 months ago
in testing
10 months ago
in stable
10 months ago
BZ#1886345 CVE-2020-25650 spice-vdagent: memory DoS via arbitrary entries in active_xfers hash table
0
0
BZ#1886359 CVE-2020-25651 spice-vdagent: possible file transfer DoS and information leak via active_xfers hash map
0
0
BZ#1886366 CVE-2020-25652 spice-vdagent: possibility to exhaust file descriptors in vdagentd
0
0
BZ#1886372 CVE-2020-25653 spice-vdagent: UNIX domain socket peer PID retrieved via SO_PEERCRED is subject to race condition
0
0
BZ#1894433 CVE-2020-25650 spice-vdagent: memory DoS via arbitrary entries in `active_xfers` hash table [fedora-all]
0
0
BZ#1894434 CVE-2020-25651 spice-vdagent: possible file transfer DoS and information leak via `active_xfers` hash map [fedora-all]
0
0
BZ#1894435 CVE-2020-25652 spice-vdagent: possibility to exhaust file descriptors in `vdagentd` [fedora-all]
0
0
BZ#1894436 CVE-2020-25653 spice-vdagent: UNIX domain socket peer PID retrieved via `SO_PEERCRED` is subject to race condition [fedora-all]
0
0

Automated Test Results