Moderate: qspice-client security update
| Advisory: | RHSA-2010:0632-3 |
|---|---|
| Type: | Security Advisory |
| Severity: | Moderate |
| Issued on: | 2010-08-25 |
| Last updated on: | 2010-08-25 |
| Affected Products: | RHEL Optional Productivity Applications (v. 5 server) Red Hat Enterprise Linux Desktop (v. 5 client) |
| CVEs (cve.mitre.org): | CVE-2010-2792 |
Details
An updated qspice-client package that fixes one security issue is now
available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
The Simple Protocol for Independent Computing Environments (SPICE) is a
remote display protocol used in Red Hat Enterprise Linux for viewing
virtualized guests running on the Kernel-based Virtual Machine (KVM)
hypervisor, or on Red Hat Enterprise Virtualization Hypervisor.
The qspice-client package provides the client side of the SPICE protocol.
A race condition was found in the way the SPICE Mozilla Firefox plug-in and
the SPICE client communicated. A local attacker could use this flaw to
trick the plug-in and the SPICE client into communicating over an
attacker-controlled socket, possibly gaining access to authentication
details, or resulting in a man-in-the-middle attack on the SPICE
connection. (CVE-2010-2792)
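The flaw above is an instance of a general bug class: two processes in the same user session rendezvous over a Unix-domain socket whose name a local attacker can predict and claim first. The following added example is not spice-xpi or qspice-client code; it is a constructed illustration of the class beside the usual hardening (a private 0700 directory, bind without unlink, lstat checks before connect, and an SO_PEERCRED peer-uid check after connect). It assumes Linux (SO_PEERCRED and a short TMPDIR), and the "attacker" is a thread in the same process, so it runs as the same uid and only the path and directory checks distinguish the rogue listener here.

```python
import os
import shutil
import socket
import stat
import struct
import tempfile
import threading

# Constructed illustration of the Unix-socket race bug class and its hardening; not the
# spice-xpi or qspice-client code. Linux only: relies on SO_PEERCRED.

def peer_uid(conn):
    """uid of the process at the other end of a connected AF_UNIX socket (kernel-supplied)."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("3i"))
    _pid, uid, _gid = struct.unpack("3i", raw)    # struct ucred { pid, uid, gid }
    return uid

def vulnerable_listen(path):
    """'Before' pattern: predictable name in a shared directory, unlink-then-bind.
    Whoever binds the name first owns the endpoint the client will talk to."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    if os.path.lexists(path):
        os.unlink(path)                              # window: anyone can bind the name now
    srv.bind(path)
    srv.listen(1)
    return srv

def hardened_listen():
    """Bind inside a fresh 0700 directory; bind() fails (EADDRINUSE) if the name exists."""
    path = os.path.join(tempfile.mkdtemp(prefix="spice-"), "sock")   # dir is 0700, ours
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    srv.bind(path)                                   # no unlink: an existing name is an error
    os.chmod(path, 0o600)
    srv.listen(1)
    return srv, path

def safe_connect(path):
    """Connect only to a socket we own, in a private directory, served by a process of our uid."""
    me = os.getuid()
    parent = os.lstat(os.path.dirname(path))
    if not stat.S_ISDIR(parent.st_mode) or parent.st_uid != me or parent.st_mode & 0o077:
        raise PermissionError("socket directory is not private to us")
    st = os.lstat(path)                              # lstat: a planted symlink is not a socket
    if not stat.S_ISSOCK(st.st_mode) or st.st_uid != me:
        raise PermissionError("socket path is not a socket we own")
    conn = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    conn.connect(path)
    if peer_uid(conn) != me:                         # authoritative check, after the connect
        conn.close()
        raise PermissionError("peer is not running as our uid")
    return conn

def _accept_in_background(srv):
    srv.settimeout(5)
    accepted = []
    t = threading.Thread(target=lambda: accepted.append(srv.accept()[0]))
    t.start()
    return t, accepted

def run_demo():
    """Stage both scenarios locally; the 'attacker' is a thread here, so same uid as us."""
    results = {}
    # Scenario 1: /tmp-like directory, predictable name, rogue listener got there first.
    shared = tempfile.mkdtemp(prefix="shared-")
    os.chmod(shared, 0o1777)
    predictable = os.path.join(shared, "spice-sock")
    rogue = vulnerable_listen(predictable)
    t, accepted = _accept_in_background(rogue)
    naive = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    naive.connect(predictable)                       # unchecked client: now talking to the rogue
    t.join()
    results["naive_connects_to_rogue"] = len(accepted) == 1
    try:
        safe_connect(predictable)
        results["hardened_rejects_shared_dir"] = False
    except PermissionError:
        results["hardened_rejects_shared_dir"] = True
    for s in [naive, rogue] + accepted:
        s.close()
    shutil.rmtree(shared)
    # Scenario 2: private directory, genuine listener; hardened client gets through.
    srv, path = hardened_listen()
    t, accepted = _accept_in_background(srv)
    conn = safe_connect(path)
    t.join()
    results["hardened_peer_uid_matches"] = peer_uid(conn) == os.getuid()
    for s in [conn, srv] + accepted:
        s.close()
    shutil.rmtree(os.path.dirname(path))
    return results

if __name__ == "__main__":
    print(run_demo())
```

The lstat checks still leave a small window between the check and the connect; the SO_PEERCRED check after connect is the one the kernel vouches for, and it is what catches a listener planted by a different local user. The 0700 directory is what stops the name being planted in the first place, and binding without a preceding unlink turns a pre-existing name into an error instead of a silent takeover.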
Users of qspice-client should upgrade to this updated package, which
contains a backported patch to correct this issue.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Updated packages
| RHEL Optional Productivity Applications (v. 5 server) | |
| SRPMS: | |
| qspice-client-0.3.0-4.el5_5.src.rpm | MD5: db9bb1287bf4e056717bdd7baac8d191 SHA-256: 9c264b1396ed789a617c0c642ff7e61ff5b273c6d790fd926f0b68cc428973d5 |
| IA-32: | |
| qspice-client-0.3.0-4.el5_5.i386.rpm | MD5: 4dc409012c0c326ef2c0bcc11bdc9d5c SHA-256: c9f06d57ac2010d82d1fcdf3b1b82afc4e95c46da8cb125dcc2a2ee091a81df7 |
| x86_64: | |
| qspice-client-0.3.0-4.el5_5.x86_64.rpm | MD5: ba1acac78e8a307f2430d08383f361c8 SHA-256: f3bdc1dc58456bb2d0640235e23e9d9a24ddf2591cda75399dc9729fe3074e9e |
| Red Hat Enterprise Linux Desktop (v. 5 client) | |
| SRPMS: | |
| qspice-client-0.3.0-4.el5_5.src.rpm | MD5: db9bb1287bf4e056717bdd7baac8d191 SHA-256: 9c264b1396ed789a617c0c642ff7e61ff5b273c6d790fd926f0b68cc428973d5 |
| IA-32: | |
| qspice-client-0.3.0-4.el5_5.i386.rpm | MD5: 4dc409012c0c326ef2c0bcc11bdc9d5c SHA-256: c9f06d57ac2010d82d1fcdf3b1b82afc4e95c46da8cb125dcc2a2ee091a81df7 |
| x86_64: | |
| qspice-client-0.3.0-4.el5_5.x86_64.rpm | MD5: ba1acac78e8a307f2430d08383f361c8 SHA-256: f3bdc1dc58456bb2d0640235e23e9d9a24ddf2591cda75399dc9729fe3074e9e |
| (The unlinked packages above are only available from the Red Hat Network) | |
Bugs fixed (see bugzilla for more information)
620350 - CVE-2010-2792 spice-xpi/qspice-client unix socket race
References
http://www.redhat.com/security/updates/classification/#moderate
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/