Security update for spice
This update for spice fixes the following issues:
Security issue fixed:
- CVE-2019-3813: Fixed a out-of-bounds read in the memslot_get_virt function that could lead to denial-of-service or code-execution (bsc#1122706).
Non-security issue fixed:
- Include spice-server tweak to compensate for performance issues with Windows guests (bsc#1109044).
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Bruce Rogers (bfrogers)
Fixed bugs
bnc#1122706
VUL-0: CVE-2019-3813: spice: off-by-one error in group/slot boundary check
bnc#1109044
spice-server package gives performance issues to Windows 10 KVM guests
