A flaw was found in spice-client. An improper check on LZ images sent by the server could lead to an integer/buffer overflows on the client.
Created mingw-spice-gtk tracking bugs for this issue:
Affects: fedora-all [bug 1598236]
Created spice-gtk tracking bugs for this issue:
Affects: fedora-all [bug 1598235]
Since the Red Hat reference is not accessible, are there any details available for this issue? Is the issue adressed already?
Name: Frediano Ziglio (Red Hat)
Created attachment 1459094 [details]
Created attachment 1459095 [details]
*** Bug 1594904 has been marked as a duplicate of this bug. ***
Too late for last z-stream batch for 7.6, closing.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2019:2229 https://access.redhat.com/errata/RHSA-2019:2229