ubuntu/+source/spice:debian/stretch

Last commit made on 2019-02-16
Get this branch:
git clone -b debian/stretch https://git.launchpad.net/ubuntu/+source/spice
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/stretch
Repository:
lp:ubuntu/+source/spice

Recent commits

83b13da... by Salvatore Bonaccorso on 2019-01-27

Import patches-unapplied version 0.12.8-2.1+deb9u3 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: 09dcd37a1abd1276c5b93bb5e2dec4a0a26b594b

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * memslot: Fix off-by-one error in group/slot boundary check (CVE-2019-3813)

09dcd37... by Salvatore Bonaccorso on 2018-10-07

Import patches-unapplied version 0.12.8-2.1+deb9u2 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: 7e4032fb52eb7e765844521caece7d5e8cc60ce6

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Fix flexible array buffer overflow (CVE-2018-10873) (Closes: #906315)

7e4032f... by Salvatore Bonaccorso on 2017-07-04

Import patches-unapplied version 0.12.8-2.1+deb9u1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f73787f6acc1029870aceeec244cc22b08e01748

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * CVE-2017-7506: Possible buffer overflow via invalid monitor configurations

f73787f... by Markus Koschany <email address hidden> on 2017-02-13

Import patches-unapplied version 0.12.8-2.1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 1362f89bbb02065578430eba5fe0b18b33c2db0f

New changelog entries:
  * Non-maintainer upload.
  * Add CVE-2016-9577-and-CVE-2016-9578.patch:
    - CVE-2016-9577: A buffer overflow vulnerability in
      main_channel_alloc_msg_rcv_buf was found that occurs when reading large
      messages due to missing buffer size check.
    - CVE-2016-9578: A vulnerability was discovered in the server's
      protocol handling. An attacker able to connect to the spice server could
      send crafted messages which would cause the process to crash.
      (Closes: #854336)

1362f89... by Liang Guo <email address hidden> on 2017-01-06

Import patches-unapplied version 0.12.8-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3e2a3a4314136b8701a64b4fc90cd0ccf196e65f

New changelog entries:
  * Build on all little-endian architectures (Closes: #734218)
  * Drop -dbg package and rely on the automatically built one (-dbgsym)
  * Drop the libasound2-dev build-dependency, this was needed for the
    spice-client which is gone since 0.12.6-1

3e2a3a4... by Liang Guo <email address hidden> on 2016-07-26

Import patches-unapplied version 0.12.8-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7f3a70b54a215d84b2550682fecf374c125e579f

New changelog entries:
  * New upstream release
  * Remove debian/patches/{CVE-2016-0749,CVE-2016-2150}, applied
    Upstream

7f3a70b... by Liang Guo <email address hidden> on 2016-06-23

Import patches-unapplied version 0.12.7-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 939fce520ac6bf465379543dffa418c1d02998ac

New changelog entries:
  * New upstream release
  * Update debian/copyright
  * Refresh debian/patches
  * Static build is disabled, remove lib*.a from libspice-server-dev
  * Update Standards-Version to 3.9.8 (no changes)
  * Use secure uri in vcs-*

939fce5... by Salvatore Bonaccorso on 2016-06-06

Import patches-unapplied version 0.12.6-4.1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3bc34a3ee8e17bcd960a6d648ac575dc51ef8df5

New changelog entries:
  * Non-maintainer upload.
  * CVE-2016-0749: heap-based buffer overflow in smartcard interaction
    (Closes: #826585)
  * CVE-2016-2150: host memory access from guest using crafted primary surface
    parameters (Closes: #826584)

3bc34a3... by Michael Tokarev <email address hidden> on 2015-11-06

Import patches-unapplied version 0.12.6-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 272fa8928e78960d6d8b97021c569532e8b8a47d

New changelog entries:
  * stop depending libspice-server-dev on libcacard-dev (#802413).
    Instead, remove mention of libcacard from the .pc file, as it
    is not actually used when building with libspice-server.
  * remove Requires.private defs from .pc file -- we're not building static
    libs, but if Requires.private is present, pkg-config requires the other
    .pc files to be present too, which is wrong (Closes: #803926)

272fa89... by Michael Tokarev <email address hidden> on 2015-10-20

Import patches-unapplied version 0.12.6-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 711da6c53dbceccf519e9c2ba1726ef6bd473549

New changelog entries:
  * update Standards-Version to 3.9.6 (no changes)
  * add libcacard-dev to libspice-server-dev dependencies
    (Closes: #802413)