ubuntu/+source/spice:applied/ubuntu/artful

Last commit made on 2017-07-22
Get this branch:
git clone -b applied/ubuntu/artful https://git.launchpad.net/ubuntu/+source/spice
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/artful
Repository:
lp:ubuntu/+source/spice

Recent commits

14283ce... by Markus Koschany <email address hidden> on 2017-07-21

Import patches-applied version 0.12.8-2.2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 14a77ad26dc4e9e5d74d3e4b0a708363a7fb6a3b
Unapplied parent: 2bc13ba1a1b4783e80263f47fb50dc0a96365b73

New changelog entries:
  * Non-maintainer upload.
  * Fix CVE-2017-7506: (Closes: #868083)
    Possible buffer overflow via invalid monitor configurations.

2bc13ba... by Markus Koschany <email address hidden> on 2017-07-21

[spice-server 3/3] reds: Avoid buffer overflows handling monitor

Gbp-Pq: CVE-2017-7506-3.patch.

79d3e8e... by Markus Koschany <email address hidden> on 2017-07-21

[spice-server 2/3] reds: Avoid integer overflows handling monitor

Gbp-Pq: CVE-2017-7506-2.patch.

b7578fc... by Markus Koschany <email address hidden> on 2017-07-21

[spice-server 1/3] reds: Disconnect when receiving overly big

Gbp-Pq: CVE-2017-7506-1.patch.

28df0fc... by Markus Koschany <email address hidden> on 2017-07-21

CVE-2016-9577 and CVE-2016-9578

Gbp-Pq: CVE-2016-9577-and-CVE-2016-9578.patch.

082ee4e... by Markus Koschany <email address hidden> on 2017-07-21

do not link spice with libcacard

Gbp-Pq: stop-linking-with-libcacard.diff.

4b629d6... by Markus Koschany <email address hidden> on 2017-07-21

Import patches-unapplied version 0.12.8-2.2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f73787f6acc1029870aceeec244cc22b08e01748

New changelog entries:
  * Non-maintainer upload.
  * Fix CVE-2017-7506: (Closes: #868083)
    Possible buffer overflow via invalid monitor configurations.

14a77ad... by Markus Koschany <email address hidden> on 2017-02-13

Import patches-applied version 0.12.8-2.1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 1c308d447f0f410602b59b98286aff26c37490fb
Unapplied parent: afe827bc4289917dcdf5b85720d8fb0f6156ec92

New changelog entries:
  * Non-maintainer upload.
  * Add CVE-2016-9577-and-CVE-2016-9578.patch:
    - CVE-2016-9577: A buffer overflow vulnerability in
      main_channel_alloc_msg_rcv_buf was found that occurs when reading large
      messages due to missing buffer size check.
    - CVE-2016-9578: A vulnerability was discovered in the server's
      protocol handling. An attacker able to connect to the spice server could
      send crafted messages which would cause the process to crash.
      (Closes: #854336)

f73787f... by Markus Koschany <email address hidden> on 2017-02-13

Import patches-unapplied version 0.12.8-2.1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 1362f89bbb02065578430eba5fe0b18b33c2db0f

New changelog entries:
  * Non-maintainer upload.
  * Add CVE-2016-9577-and-CVE-2016-9578.patch:
    - CVE-2016-9577: A buffer overflow vulnerability in
      main_channel_alloc_msg_rcv_buf was found that occurs when reading large
      messages due to missing buffer size check.
    - CVE-2016-9578: A vulnerability was discovered in the server's
      protocol handling. An attacker able to connect to the spice server could
      send crafted messages which would cause the process to crash.
      (Closes: #854336)

afe827b... by Markus Koschany <email address hidden> on 2017-02-13

CVE-2016-9577 and CVE-2016-9578

Gbp-Pq: CVE-2016-9577-and-CVE-2016-9578.patch.