CVE-2016-2150: Guest escape using crafted primary surface parameters (bsc#982386).
CVE-2016-0749: Heap-based buffer overflow in smartcard interaction (bsc#982385).
Affected Packages
libspice-server1
SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Server 12SUSE Linux Enterprise Server for SAP Applications 12
Fixed in:
0.12.4-8.9.1
spice
SUSE Linux Enterprise Desktop 12SUSE Linux Enterprise Server 12SUSE Linux Enterprise Server for SAP Applications 12SUSE Linux Enterprise Software Development Kit 12