Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Thu, 19 Sep 2013 19:26:05 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific LinuxFrom: Pat Riehecky Subject: Security ERRATA Important: spice-gtk on SL6.x i386/x86_64 MIME-Version: 1.0 Synopsis: Important: spice-gtk security update Advisory ID: SLSA-2013:1273-1 Issue Date: 2013-09-19 CVE Numbers: CVE-2013-4324 -- spice-gtk communicated with PolicyKit for authorization via an API that is vulnerable to a race condition. This could lead to intended PolicyKit authorizations being bypassed. This update modifies spice-gtk to communicate with PolicyKit via a different API that is not vulnerable to the race condition. (CVE-2013-4324) -- SL6 x86_64 spice-glib-0.14-7.el6_4.3.i686.rpm spice-glib-0.14-7.el6_4.3.x86_64.rpm spice-gtk-0.14-7.el6_4.3.i686.rpm spice-gtk-0.14-7.el6_4.3.x86_64.rpm spice-gtk-debuginfo-0.14-7.el6_4.3.i686.rpm spice-gtk-debuginfo-0.14-7.el6_4.3.x86_64.rpm spice-gtk-python-0.14-7.el6_4.3.x86_64.rpm spice-glib-devel-0.14-7.el6_4.3.i686.rpm spice-glib-devel-0.14-7.el6_4.3.x86_64.rpm spice-gtk-devel-0.14-7.el6_4.3.i686.rpm spice-gtk-devel-0.14-7.el6_4.3.x86_64.rpm spice-gtk-tools-0.14-7.el6_4.3.x86_64.rpm i386 spice-glib-0.14-7.el6_4.3.i686.rpm spice-gtk-0.14-7.el6_4.3.i686.rpm spice-gtk-debuginfo-0.14-7.el6_4.3.i686.rpm spice-gtk-python-0.14-7.el6_4.3.i686.rpm spice-glib-devel-0.14-7.el6_4.3.i686.rpm spice-gtk-devel-0.14-7.el6_4.3.i686.rpm spice-gtk-tools-0.14-7.el6_4.3.i686.rpm - Scientific Linux Development Team