ubuntu/+source/spice:applied/ubuntu/trusty-devel

Last commit made on 2019-01-28
Get this branch:
git clone -b applied/ubuntu/trusty-devel https://git.launchpad.net/ubuntu/+source/spice
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/trusty-devel
Repository:
lp:ubuntu/+source/spice

Recent commits

ed428da... by Marc Deslauriers on 2019-01-24

Import patches-applied version 0.12.4-0nocelt2ubuntu1.8 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 38b9260d1c909e71b9653a7975c0a78b5f18140e
Unapplied parent: ddc7201dbfd25c0863c7e9eca32c395d24684895

New changelog entries:
  * SECURITY UPDATE: off-by-one error in memslot_get_virt
    - debian/patches/CVE-2019-3813.patch: fix checks in
      server/red_memslots.c.
    - CVE-2019-3813

ddc7201... by Marc Deslauriers on 2019-01-24

[spice-server] memslot: Fix off-by-one error in group/slot boundary

Gbp-Pq: CVE-2019-3813.patch.

4bfb8c1... by Marc Deslauriers on 2019-01-24

[PATCH] Fix flexible array buffer overflow

Gbp-Pq: CVE-2018-10873.patch.

bab197d... by Marc Deslauriers on 2019-01-24

[PATCH] Avoid integer overflow computing image sizes

Gbp-Pq: CVE-2017-12194-2.patch.

d6b771d... by Marc Deslauriers on 2019-01-24

[PATCH] Fix integer overflows computing sizes

Gbp-Pq: CVE-2017-12194-1.patch.

4f648a3... by Marc Deslauriers on 2019-01-24

reds: Avoid buffer overflows handling monitor configuration

Gbp-Pq: CVE-2017-7506-3.patch.

16e5a47... by Marc Deslauriers on 2019-01-24

reds: Avoid integer overflows handling monitor configuration

Gbp-Pq: CVE-2017-7506-2.patch.

b5bd721... by Marc Deslauriers on 2019-01-24

reds: Disconnect when receiving overly big ClientMonitorsConfig

Gbp-Pq: CVE-2017-7506-1.patch.

00ad05d... by Marc Deslauriers on 2019-01-24

Prevent integer overflows in capability checks

Gbp-Pq: CVE-2016-9578-2.patch.

2aa4a22... by Marc Deslauriers on 2019-01-24

Prevent possible DoS attempts during protocol handshake

Gbp-Pq: CVE-2016-9578-1.patch.