Updated spice-vdagent package fixes security vulnerability
Publication date: 11 Jan 2019Modification date: 11 Jan 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-15108
Description
Improperly escaped save directory that is passed to the shell allows local attacker with access to the session the agent runs to inject arbitrary commands to be executed (CVE-2017-15108).
References
SRPMS
6/core
- spice-vdagent-0.18.0-1.mga6