Gentoo Linux Security Advisory 201811-20 - A vulnerability in spice-gtk could allow an attacker to remotely execute arbitrary code. Versions less than 0.34 are affected.
be174d4d5b6bc1ee40ee7dd94f52d367eac2b308fb235d6782871b5994051e52
Ubuntu Security Notice 3659-1 - Frediano Ziglio discovered that Spice incorrectly handled certain client messages. An attacker could possibly use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.
d52663890c0d8cb6a4bdb3c8644adaab7e7444d362b40550e58a32bfee78867a