Last commit made on 2016-06-21
Get this branch:
git clone -b applied/ubuntu/wily-security https://git.launchpad.net/ubuntu/+source/spice
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information


Recent commits

1b2a0a8... by Marc Deslauriers on 2016-06-10

Import patches-applied version 0.12.5-1.1ubuntu2.1 to applied/ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 0682bd77f3e60bf3b61a0a0793c31c8cb32eada4
Unapplied parent: e0cc44dab9b62706bfeeffc77bbf4c82661dc3d9

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    memory allocation flaw in smartcard interaction
    - debian/patches/CVE-2016-0749/*.patch: add a ref to item and allocate
      msg with the expected size in server/smartcard.c.
    - CVE-2016-0749
  * SECURITY UPDATE: host memory access from guest with invalid primary
    surface parameters
    - debian/patches/CVE-2016-2150/*.patch: create a function to validate
      surface parameters in server/red_parse_qxl.*, improve primary surface
      parameter checks in server/red_worker.c.
    - CVE-2016-2150
  * Added two extra commits to previous security update:
    - 0001-worker-validate-correctly-surfaces.patch
    - 0002-worker-avoid-double-free-or-double-create-of-surface.patch

e0cc44d... by Marc Deslauriers on 2016-06-10

[PATCH] improve primary surface parameter checks

Gbp-Pq: CVE-2016-2150/0002-improve-primary-surface-parameter-checks.patch.

90a9d8a... by Marc Deslauriers on 2016-06-10

[PATCH] create a function to validate surface parameters

Gbp-Pq: CVE-2016-2150/0001-create-a-function-to-validate-surface-parameters.patch.

68709e3... by Marc Deslauriers on 2016-06-10

[PATCH] smartcard: allocate msg with the expected size

Gbp-Pq: CVE-2016-0749/0002-smartcard-allocate-msg-with-the-expected-size.patch.

d0e4e96... by Marc Deslauriers on 2016-06-10

[PATCH] smartcard: add a ref to item before adding to pipe

Gbp-Pq: CVE-2016-0749/0001-smartcard-add-a-ref-to-item-before-adding-to-pipe.patch.

efc87e7... by Marc Deslauriers on 2016-06-10

[PATCH 57/57] Prevent leak if size from red_get_data_chunks don't

Gbp-Pq: CVE-2015-526x/0057-Prevent-leak-if-size-from-red_get_data_chunks-don-t-.patch.

47a0224... by Marc Deslauriers on 2016-06-10

[PATCH 56/57] Prevent data_size to be set independently from data

Gbp-Pq: CVE-2015-526x/0056-Prevent-data_size-to-be-set-independently-from-data.patch.

294d206... by Marc Deslauriers on 2016-06-10

[PATCH 55/57] Avoid race condition copying segments in red_get_path

Gbp-Pq: CVE-2015-526x/0055-Avoid-race-condition-copying-segments-in-red_get_pat.patch.

a6c7beb... by Marc Deslauriers on 2016-06-10

[PATCH 54/57] Make sure we can read QXLPathSeg structures

Gbp-Pq: CVE-2015-526x/0054-Make-sure-we-can-read-QXLPathSeg-structures.patch.

9a4457e... by Marc Deslauriers on 2016-06-10

[PATCH 53/57] Fix some possible overflows in red_get_string for 32

Gbp-Pq: CVE-2015-526x/0053-Fix-some-possible-overflows-in-red_get_string-for-32.patch.