
Scientific Linux: CVE-2012-4425 Moderate Spice-Gtk Security Update

Moderate: spice-gtk security update
Date: Mon, 17 Sep 2012 13:43:22 -0500
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Organization: Fermilab
Subject: Security ERRATA Moderate: spice-gtk on SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Moderate: spice-gtk security update
Issue Date: 2012-09-17
CVE Numbers: CVE-2012-4425

The spice-gtk packages provide a GIMP Toolkit (GTK+) widget for SPICE
(Simple Protocol for Independent Computing Environments) clients. Both
Virtual Machine Manager and Virtual Machine Viewer can make use of this
widget to access virtual machines using the SPICE protocol.

It was discovered that the spice-gtk setuid helper application,
spice-client-glib-usb-acl-helper, did not clear the environment variables
read by the libraries it uses. A local attacker could possibly use this
flaw to escalate their privileges by setting specific environment variables
before running the helper application. (CVE-2012-4425)

All users of spice-gtk are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue.

To resolve dependencies, gtk2, libcacard, libusb1, and spice-protocol
have been added to the necessary repositories.

SL6
 x86_64
 spice-glib-0.11-11.el6_3.1.i686.rpm
 spice-glib-0.11-11.el6_3.1.x86_64.rpm
 spice-gtk-0.11-11.el6_3.1.i686.rpm
 spice-gtk-0.11-11.el6_3.1.x86_64.rpm
 spice-gtk-python-0.11-11.el6_3.1.x86_64.rpm
 spice-glib-devel-0.11-11.el6_3.1.i686.rpm
 spice-glib-devel-0.11-11.el6_3.1.x86_64.rpm
 spice-gtk-devel-0.11-11.el6_3.1.i686.rpm
 spice-gtk-devel-0.11-11.el6_3.1.x86_64.rpm
 spice-gtk-tools-0.11-11.el6_3.1.x86_64.rpm

 Dependencies:
 gtk2-2.18.9-10.el6.i686.rpm
 gtk2-2.18.9-10.el6.x86_64.rpm
 gtk2-devel-2.18.9-10.el6.i686.rpm
 gtk2-devel-2.18.9-10.el6.x86_64.rpm
 gtk2-devel-docs-2.18.9-10.el6.x86_64.rpm
 gtk2-immodules-2.18.9-10.el6.i686.rpm
 gtk2-immodules-2.18.9-10.el6.x86_64.rpm
 gtk2-immodule-xim-2.18.9-10.el6.i686.rpm
 gtk2-immodule-xim-2.18.9-10.el6.x86_64.rpm
 libcacard-0.15.0-2.el6.i686.rpm
 libcacard-0.15.0-2.el6.x86_64.rpm
 libcacard-devel-0.15.0-2.el6.i686.rpm
 libcacard-devel-0.15.0-2.el6.x86_64.rpm
 libcacard-tools-0.15.0-2.el6.x86_64.rpm
 libusb1-1.0.9-0.5.rc1.el6.i686.rpm
 libusb1-1.0.9-0.5.rc1.el6.x86_64.rpm
 libusb1-devel-1.0.9-0.5.rc1.el6.i686.rpm
 libusb1-devel-1.0.9-0.5.rc1.el6.x86_64.rpm
 libusb1-static-1.0.9-0.5.rc1.el6.x86_64.rpm
 spice-protocol-0.10.1-5.el6.noarch.rpm

 i386
 spice-glib-0.11-11.el6_3.1.i686.rpm
 spice-gtk-0.11-11.el6_3.1.i686.rpm
 spice-gtk-python-0.11-11.el6_3.1.i686.rpm
 spice-glib-devel-0.11-11.el6_3.1.i686.rpm
 spice-gtk-devel-0.11-11.el6_3.1.i686.rpm
 spice-gtk-tools-0.11-11.el6_3.1.i686.rpm

 Dependencies:
 gtk2-2.18.9-10.el6.i686.rpm
 gtk2-devel-2.18.9-10.el6.i686.rpm
 gtk2-devel-docs-2.18.9-10.el6.i686.rpm
 gtk2-immodules-2.18.9-10.el6.i686.rpm
 gtk2-immodule-xim-2.18.9-10.el6.i686.rpm
 libcacard-0.15.0-2.el6.i686.rpm
 libcacard-devel-0.15.0-2.el6.i686.rpm
 libcacard-tools-0.15.0-2.el6.i686.rpm
 libusb1-1.0.9-0.5.rc1.el6.i686.rpm
 libusb1-devel-1.0.9-0.5.rc1.el6.i686.rpm
 libusb1-static-1.0.9-0.5.rc1.el6.i686.rpm
 spice-protocol-0.10.1-5.el6.noarch.rpm

- Scientific Linux Development Team
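
The flaw class described in the advisory, a setuid helper that leaves caller-supplied environment variables in place for the libraries it uses, is normally closed by resetting the environment as the helper's first action. The following C sketch is an added example, not the spice-gtk patch and not part of the advisory; the function name, the allow-list, and the sample variable names used to exercise it are assumptions.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* for clearenv() on glibc */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical allow-list: the only caller-supplied variables the helper keeps. */
static const char *const KEEP[] = { "LANG", "TZ" };
#define NKEEP (sizeof KEEP / sizeof KEEP[0])

/* Reset the process environment to a known minimum.
 * Returns 0 on success, -1 on failure (the caller must then exit). */
int sanitize_environment(void)
{
    char *saved[NKEEP] = { 0 };
    int rc = -1;

    /* Copy allow-listed values first: clearenv() invalidates getenv() pointers. */
    for (size_t i = 0; i < NKEEP; i++) {
        const char *v = getenv(KEEP[i]);
        /* Skip values containing '/', so a kept variable cannot name a file path. */
        if (v && !strchr(v, '/') && !(saved[i] = strdup(v)))
            goto out;
    }
    if (clearenv() != 0)
        goto out;
    /* Fixed PATH chosen by the helper, never inherited from the caller. */
    if (setenv("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1) != 0)
        goto out;
    for (size_t i = 0; i < NKEEP; i++)
        if (saved[i] && setenv(KEEP[i], saved[i], 1) != 0)
            goto out;
    rc = 0;
out:
    for (size_t i = 0; i < NKEEP; i++)
        free(saved[i]);
    return rc;
}

int main(void)
{
    /* Must run before any library call that reads the environment. */
    if (sanitize_environment() != 0) {
        fputs("cannot sanitize environment\n", stderr);
        return EXIT_FAILURE;
    }
    return EXIT_SUCCESS;   /* the helper's privileged work would follow here */
}
```

An allow-list is used rather than a deny-list because the helper's author cannot enumerate every variable that every linked library, now or after a later update, will read.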