ubuntu/+source/spice:applied/ubuntu/xenial-security

Last commit made on 2019-01-28
Get this branch:
git clone -b applied/ubuntu/xenial-security https://git.launchpad.net/ubuntu/+source/spice
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/xenial-security
Repository:
lp:ubuntu/+source/spice

Recent commits

5ea5025... by Marc Deslauriers on 2019-01-24

Import patches-applied version 0.12.6-4ubuntu0.4 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 3a58fc9d175d920c2dd6491e8dde122134f4af25
Unapplied parent: f04d0f6a926297303fcbe41a2dd0eff3fae788a6

New changelog entries:
  * SECURITY UPDATE: off-by-one error in memslot_get_virt
    - debian/patches/CVE-2019-3813.patch: fix checks in
      server/red_memslots.c.
    - CVE-2019-3813

f04d0f6... by Marc Deslauriers on 2019-01-24

[spice-server] memslot: Fix off-by-one error in group/slot boundary

Gbp-Pq: CVE-2019-3813.patch.

acf53da... by Marc Deslauriers on 2019-01-24

reds: Avoid buffer overflows handling monitor configuration

Gbp-Pq: CVE-2017-7506-3.patch.

1f321cc... by Marc Deslauriers on 2019-01-24

reds: Avoid integer overflows handling monitor configuration

Gbp-Pq: CVE-2017-7506-2.patch.

0cb42e6... by Marc Deslauriers on 2019-01-24

reds: Disconnect when receiving overly big ClientMonitorsConfig

Gbp-Pq: CVE-2017-7506-1.patch.

19b522f... by Marc Deslauriers on 2019-01-24

Prevent integer overflows in capability checks

Gbp-Pq: CVE-2016-9578-2.patch.

bd1d324... by Marc Deslauriers on 2019-01-24

Prevent possible DoS attempts during protocol handshake

Gbp-Pq: CVE-2016-9578-1.patch.

48c7916... by Marc Deslauriers on 2019-01-24

main-channel: Prevent overflow reading messages from client

Gbp-Pq: CVE-2016-9577.patch.

9fc0bf1... by Marc Deslauriers on 2019-01-24

[PATCH] improve primary surface parameter checks

Gbp-Pq: CVE-2016-2150/0002-improve-primary-surface-parameter-checks.patch.

eee0029... by Marc Deslauriers on 2019-01-24

[PATCH] create a function to validate surface parameters

Gbp-Pq: CVE-2016-2150/0001-create-a-function-to-validate-surface-parameters.patch.