ubuntu/+source/spice:ubuntu/cosmic-security

Last commit made on 2019-01-28
Get this branch:
git clone -b ubuntu/cosmic-security https://git.launchpad.net/ubuntu/+source/spice
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/cosmic-security
Repository:
lp:ubuntu/+source/spice

Recent commits

3c2a203... by Marc Deslauriers on 2019-01-24

Import patches-unapplied version 0.14.0-1ubuntu4.2 to ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: e2d7c69506d38aa2355aff11854fddf358a9ba4c

New changelog entries:
  * SECURITY UPDATE: off-by-one error in memslot_get_virt
    - debian/patches/CVE-2019-3813.patch: fix checks in server/memslot.c,
      add tests to server/tests/test-qxl-parsing.c.
    - CVE-2019-3813
  * debian/tests/automated-tests: fix incorrect test name, don't fail on
    build writing to stderr.

e2d7c69... by Leonidas S. Barbosa on 2018-08-20

Import patches-unapplied version 0.14.0-1ubuntu4 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: ac47c0dd81f8c1d3f068af7eae615c3c090d7787

New changelog entries:
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2018-10873.patch: fix in
      spice-common/python_modules/demarshal.py,
   - CVE-2018-10873

ac47c0d... by Leonidas S. Barbosa on 2018-05-22

Import patches-unapplied version 0.14.0-1ubuntu3 to ubuntu/cosmic-proposed

Imported using git-ubuntu import.

Changelog parent: 4fa4c1609e668c65b95aeca94d4c24bd96e90171

New changelog entries:
  * SECURITY UPDATE: Integer overflow and buffer overflow
    - debian/patches/CVE-2017-12194-1.patch: fix a integer overflow
      computing sizes in spice-common/python_modules/demarshal.py.
    - debian/patches/CVE-2017-12194-2.patch: avoid integer overflow
      in spice-common/python_modules/demarshal.py,
      spice-common/python_modules/marshal.py.
    - debian/patches/CVE-2017-12194-3.patch: add tests to verify fix.
    - CVE-2017-12194

4fa4c16... by Dimitri John Ledkov on 2018-02-06

Import patches-unapplied version 0.14.0-1ubuntu2 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 051a73ee2014ae0010f4756928c7855ebcfa6f4a

New changelog entries:
  * No change rebuild against openssl1.1.

051a73e... by Jeremy Bicha on 2017-11-02

Import patches-unapplied version 0.14.0-1ubuntu1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: a0983e0236e7234f04caf9385362ac900792822f

New changelog entries:
  * Don't recommend -ugly or -libav gstreamer plugins since they
    are in universe

a0983e0... by Liang Guo <email address hidden> on 2017-10-19

Import patches-unapplied version 0.14.0-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 731dc28979e7856ca2d5c55119d161d7542cad55

New changelog entries:
  * New upstream release
  * debian/copyright: refresh
  * debian/control:
    - Add liborc-0.4-dev to Build-Depends
    - Update Build-Depends on debhelper to >= 10
    - Remove dh-autoreconf from Build-Depends
    - Bump Standards-Version to 4.1.1 (no changes)
    - Use https in Homepage
  * debian/compat, bump to 10
  * debian/watch, switch to https

731dc28... by Laurent Bigonville on 2017-09-20

Import patches-unapplied version 0.13.90-0.2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3bf9e3b7ebd7b85c6354e0abf52934a2a96ec1d3

New changelog entries:
  * Non-maintainer upload.
  * debian/rules: Disable parallel building for the tests, this will hopefully
    fix FTBFS on some arch (Closes: #876266)

3bf9e3b... by Laurent Bigonville on 2017-08-22

Import patches-unapplied version 0.13.90-0.1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4b629d66bc0d867f2004cc87b83a04090bbddc48

New changelog entries:
  * Non-maintainer upload.
  [ Laurent Bigonville ]
  * New upstream release (Closes: #849569)
    - Adjust the build-dependencies
    - Drop d/p/CVE-2016-9577-and-CVE-2016-9578.patch,
      d/p/CVE-2017-7506-1.patch, d/p/CVE-2017-7506-2.patch,
      d/p/CVE-2017-7506-3.patch: All merged upstream
    - Drop debian/patches/fix-tests-warnings.patch, unused
    - debian/libspice-server1.symbols: Add newly exported symbols
  * debian/watch: Enable gpg key verification of the upstream tarball
  * debian/rules: Also remove the Libs.private defs from .pc file
  * debian/control: Bump Standards-Version to 4.1.0 (no further changes)
  * debian/rules: Drop override_dh_installdocs, this was only needed when we
    were building the -dbg package ourself
  * debian/control: Add liblz4-dev to the build-dependencies
  * debian/control: Add the needed gstreamer modules to the
    (build-)dependencies to enable gstreamer support
  * Run wrap-and-sort -ts
  [ Santiago Ruano Rinc√≥n ]
  * debian/tests/automated-tests: Intial DEP-8 test, using upstream automated
    test (Closes: #827027)

4b629d6... by Markus Koschany <email address hidden> on 2017-07-21

Import patches-unapplied version 0.12.8-2.2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f73787f6acc1029870aceeec244cc22b08e01748

New changelog entries:
  * Non-maintainer upload.
  * Fix CVE-2017-7506: (Closes: #868083)
    Possible buffer overflow via invalid monitor configurations.

f73787f... by Markus Koschany <email address hidden> on 2017-02-13

Import patches-unapplied version 0.12.8-2.1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 1362f89bbb02065578430eba5fe0b18b33c2db0f

New changelog entries:
  * Non-maintainer upload.
  * Add CVE-2016-9577-and-CVE-2016-9578.patch:
    - CVE-2016-9577: A buffer overflow vulnerability in
      main_channel_alloc_msg_rcv_buf was found that occurs when reading large
      messages due to missing buffer size check.
    - CVE-2016-9578: A vulnerability was discovered in the server's
      protocol handling. An attacker able to connect to the spice server could
      send crafted messages which would cause the process to crash.
      (Closes: #854336)