
Security Advisory Moderate: spice-xpi security update

Advisory: RHSA-2011:0426-1
Type: Security Advisory
Severity: Moderate
Issued on: 2011-04-07
Last updated on: 2011-04-07
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server EUS (v. 6.0.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2011-0012
CVE-2011-1179

Details

An updated spice-xpi package that fixes two security issues is now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

The Simple Protocol for Independent Computing Environments (SPICE) is a
remote display protocol used in Red Hat Enterprise Linux for viewing
virtualized guests running on the Kernel-based Virtual Machine (KVM)
hypervisor, or on Red Hat Enterprise Virtualization Hypervisor.

The spice-xpi package provides a plug-in that allows the SPICE client to
run from within Mozilla Firefox.

An uninitialized pointer use flaw was found in the SPICE Firefox plug-in.
If a user were tricked into visiting a malicious web page with Firefox
while the SPICE plug-in was enabled, it could cause Firefox to crash or,
possibly, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2011-1179)

It was found that the SPICE Firefox plug-in used a predictable name for one
of its log files. A local attacker could use this flaw to conduct a
symbolic link attack, allowing them to overwrite arbitrary files accessible
to the user running Firefox. (CVE-2011-0012)
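The CVE-2011-0012 flaw is the classic symlink-attack pattern: a program writes to a file whose name another local user can predict ahead of time, so a link planted at that name redirects the write. The following C example is added here to show the defensive pattern; it is not code from spice-xpi or Red Hat, and the function names (open_log_nofollow, create_private_log, run_symlink_defense_demo), the "spice-xpi-XXXXXX" name template and the files it constructs under a fresh temporary directory are all illustrative assumptions. It demonstrates two mitigations: opening a fixed log path with O_NOFOLLOW and a post-open fstat() check, and creating the log with mkstemp() so the name is unpredictable and O_EXCL guarantees a fresh file.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Open a log file for appending without following a symbolic link at the
 * final path component. A link planted at the expected name makes open()
 * fail (ELOOP on Linux, EMLINK on BSD) instead of writing through the link. */
int open_log_nofollow(const char *path)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_APPEND | O_NOFOLLOW, 0600);
    if (fd < 0)
        return -1;
    /* O_NOFOLLOW only covers the last component: also insist on a regular
     * file owned by us, so a stray FIFO or device at that name is rejected. */
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != geteuid()) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Create a log with an unpredictable name inside dir. mkstemp() opens with
 * O_CREAT|O_EXCL (mode 0600), so it never reuses a pre-existing file or
 * link, and the random suffix cannot be guessed in advance. The path chosen
 * is written to out_path. The "spice-xpi-XXXXXX" template is hypothetical. */
int create_private_log(const char *dir, char *out_path, size_t out_len)
{
    int n = snprintf(out_path, out_len, "%s/spice-xpi-XXXXXX", dir);
    if (n < 0 || (size_t)n >= out_len) {
        errno = ENAMETOOLONG;
        return -1;
    }
    return mkstemp(out_path);
}

/* Self-contained demonstration on constructed files in a fresh temporary
 * directory. Returns 1 when the hardened open refuses a planted link, the
 * victim file is left untouched and the private log is created; else 0. */
int run_symlink_defense_demo(void)
{
    char dir[512], victim[512], link[512], privlog[512], buf[16];
    int ok = 0, vfd = -1, fd = -1, pfd = -1, rfd = -1;
    int refused = 0, created = 0, intact = 0;
    const char *base = getenv("TMPDIR");
    if (base == NULL)
        base = "/tmp";
    snprintf(dir, sizeof dir, "%s/spice-xpi-demo-XXXXXX", base);  /* constructed */
    if (mkdtemp(dir) == NULL)
        return 0;
    snprintf(victim, sizeof victim, "%s/victim.txt", dir);
    snprintf(link, sizeof link, "%s/predictable.log", dir);

    /* Stand-in for a file a local attacker would want overwritten. */
    vfd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (vfd >= 0 && write(vfd, "keep\n", 5) == 5 && close(vfd) == 0
        /* A link planted at the predictable log name, aimed at the victim. */
        && symlink(victim, link) == 0) {
        fd = open_log_nofollow(link);
        refused = (fd < 0 && (errno == ELOOP || errno == EMLINK));
        if (fd >= 0)
            close(fd);

        pfd = create_private_log(dir, privlog, sizeof privlog);
        created = (pfd >= 0 && strncmp(privlog, dir, strlen(dir)) == 0);
        if (pfd >= 0)
            close(pfd);

        /* The victim must still hold its original contents. */
        rfd = open(victim, O_RDONLY | O_NOFOLLOW);
        if (rfd >= 0) {
            ssize_t got = read(rfd, buf, sizeof buf);
            intact = (got == 5 && memcmp(buf, "keep\n", 5) == 0);
            close(rfd);
        }
        ok = refused && created && intact;
    }
    if (pfd >= 0)
        unlink(privlog);
    unlink(link);
    unlink(victim);
    rmdir(dir);
    return ok;
}

int main(void)
{
    printf("symlink defense demo: %s\n", run_symlink_defense_demo() ? "ok" : "FAILED");
    return 0;
}
```

The fstat() check after open matters because O_NOFOLLOW protects only the final path component; a symlinked parent directory is still followed, which is why the private-directory-plus-mkstemp() route is the stronger of the two when the log does not have to live at a fixed, shared path.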

Users of spice-xpi should upgrade to this updated package, which contains
backported patches to correct these issues. After installing the update,
Firefox must be restarted for the changes to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
spice-xpi-2.4-1.el6_0.2.src.rpm
File outdated by:  RHEA-2013:1667
    MD5: 68da0392cb74438b0c1070f5e01fba78
SHA-256: d99d39278d12150625d5f8b093cd7dca49bd219b172b35d278ce9f0ec8faa51d
 
IA-32:
spice-xpi-2.4-1.el6_0.2.i686.rpm
File outdated by:  RHEA-2013:1667
    MD5: 95e48d7593228bca9af4774a4727af23
SHA-256: 1a744a6c3ce8426fb324cd7e1318f9d24b0c99e691b9db898ccd78b7e114b1b0
spice-xpi-debuginfo-2.4-1.el6_0.2.i686.rpm
File outdated by:  RHEA-2013:1667
    MD5: 0b7f72dc1b35b576fe4f6c0ee2a78686
SHA-256: 712ce6755b973f4e46fd5029e0e58338ab8bd3c2d50932a1d757421da528fe31
 
x86_64:
spice-xpi-2.4-1.el6_0.2.x86_64.rpm
File outdated by:  RHEA-2013:1667
    MD5: 297d6fbe3ea8961dbe22f59ed30dcaa8
SHA-256: abfefaf875c01bc27dbdaa7656bcbe20af54083b4a4c4d0d7e6659b9fb6ed2d7
spice-xpi-debuginfo-2.4-1.el6_0.2.x86_64.rpm
File outdated by:  RHEA-2013:1667
    MD5: a1c2d9d022d5da2040bb65a86edcb45a
SHA-256: 1d2518a51d5e4021d9e5203253a35dbfb41f10d272ce5cc5e75c73aecaada60c
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
spice-xpi-2.4-1.el6_0.2.src.rpm
File outdated by:  RHEA-2013:1667
    MD5: 68da0392cb74438b0c1070f5e01fba78
SHA-256: d99d39278d12150625d5f8b093cd7dca49bd219b172b35d278ce9f0ec8faa51d
 
x86_64:
spice-xpi-2.4-1.el6_0.2.x86_64.rpm
File outdated by:  RHEA-2013:1667
    MD5: 297d6fbe3ea8961dbe22f59ed30dcaa8
SHA-256: abfefaf875c01bc27dbdaa7656bcbe20af54083b4a4c4d0d7e6659b9fb6ed2d7
spice-xpi-debuginfo-2.4-1.el6_0.2.x86_64.rpm
File outdated by:  RHEA-2013:1667
    MD5: a1c2d9d022d5da2040bb65a86edcb45a
SHA-256: 1d2518a51d5e4021d9e5203253a35dbfb41f10d272ce5cc5e75c73aecaada60c
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
spice-xpi-2.4-1.el6_0.2.src.rpm
File outdated by:  RHEA-2013:1667
    MD5: 68da0392cb74438b0c1070f5e01fba78
SHA-256: d99d39278d12150625d5f8b093cd7dca49bd219b172b35d278ce9f0ec8faa51d
 
IA-32:
spice-xpi-2.4-1.el6_0.2.i686.rpm
File outdated by:  RHEA-2013:1667
    MD5: 95e48d7593228bca9af4774a4727af23
SHA-256: 1a744a6c3ce8426fb324cd7e1318f9d24b0c99e691b9db898ccd78b7e114b1b0
spice-xpi-debuginfo-2.4-1.el6_0.2.i686.rpm
File outdated by:  RHEA-2013:1667
    MD5: 0b7f72dc1b35b576fe4f6c0ee2a78686
SHA-256: 712ce6755b973f4e46fd5029e0e58338ab8bd3c2d50932a1d757421da528fe31
 
x86_64:
spice-xpi-2.4-1.el6_0.2.x86_64.rpm
File outdated by:  RHEA-2013:1667
    MD5: 297d6fbe3ea8961dbe22f59ed30dcaa8
SHA-256: abfefaf875c01bc27dbdaa7656bcbe20af54083b4a4c4d0d7e6659b9fb6ed2d7
spice-xpi-debuginfo-2.4-1.el6_0.2.x86_64.rpm
File outdated by:  RHEA-2013:1667
    MD5: a1c2d9d022d5da2040bb65a86edcb45a
SHA-256: 1d2518a51d5e4021d9e5203253a35dbfb41f10d272ce5cc5e75c73aecaada60c
 
Red Hat Enterprise Linux Server EUS (v. 6.0.z)

SRPMS:
spice-xpi-2.4-1.el6_0.2.src.rpm
File outdated by:  RHEA-2013:1667
    MD5: 68da0392cb74438b0c1070f5e01fba78
SHA-256: d99d39278d12150625d5f8b093cd7dca49bd219b172b35d278ce9f0ec8faa51d
 
IA-32:
spice-xpi-2.4-1.el6_0.2.i686.rpm
    MD5: 95e48d7593228bca9af4774a4727af23
SHA-256: 1a744a6c3ce8426fb324cd7e1318f9d24b0c99e691b9db898ccd78b7e114b1b0
spice-xpi-debuginfo-2.4-1.el6_0.2.i686.rpm
    MD5: 0b7f72dc1b35b576fe4f6c0ee2a78686
SHA-256: 712ce6755b973f4e46fd5029e0e58338ab8bd3c2d50932a1d757421da528fe31
 
x86_64:
spice-xpi-2.4-1.el6_0.2.x86_64.rpm
    MD5: 297d6fbe3ea8961dbe22f59ed30dcaa8
SHA-256: abfefaf875c01bc27dbdaa7656bcbe20af54083b4a4c4d0d7e6659b9fb6ed2d7
spice-xpi-debuginfo-2.4-1.el6_0.2.x86_64.rpm
    MD5: a1c2d9d022d5da2040bb65a86edcb45a
SHA-256: 1d2518a51d5e4021d9e5203253a35dbfb41f10d272ce5cc5e75c73aecaada60c
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
spice-xpi-2.4-1.el6_0.2.src.rpm
File outdated by:  RHEA-2013:1667
    MD5: 68da0392cb74438b0c1070f5e01fba78
SHA-256: d99d39278d12150625d5f8b093cd7dca49bd219b172b35d278ce9f0ec8faa51d
 
IA-32:
spice-xpi-2.4-1.el6_0.2.i686.rpm
File outdated by:  RHEA-2013:1667
    MD5: 95e48d7593228bca9af4774a4727af23
SHA-256: 1a744a6c3ce8426fb324cd7e1318f9d24b0c99e691b9db898ccd78b7e114b1b0
spice-xpi-debuginfo-2.4-1.el6_0.2.i686.rpm
File outdated by:  RHEA-2013:1667
    MD5: 0b7f72dc1b35b576fe4f6c0ee2a78686
SHA-256: 712ce6755b973f4e46fd5029e0e58338ab8bd3c2d50932a1d757421da528fe31
 
x86_64:
spice-xpi-2.4-1.el6_0.2.x86_64.rpm
File outdated by:  RHEA-2013:1667
    MD5: 297d6fbe3ea8961dbe22f59ed30dcaa8
SHA-256: abfefaf875c01bc27dbdaa7656bcbe20af54083b4a4c4d0d7e6659b9fb6ed2d7
spice-xpi-debuginfo-2.4-1.el6_0.2.x86_64.rpm
File outdated by:  RHEA-2013:1667
    MD5: a1c2d9d022d5da2040bb65a86edcb45a
SHA-256: 1d2518a51d5e4021d9e5203253a35dbfb41f10d272ce5cc5e75c73aecaada60c
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

639869 - CVE-2011-0012 spice-xpi: symlink attack on usbrdrctl log file
689931 - CVE-2011-1179 spice-xpi: uninitialized pointer writes possible when getting plugin properties


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/