Accepted spice 0.11.0-1+deb7u1 (source amd64)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 03 Jan 2014 17:52:06 +0100
Source: spice
Binary: spice-client libspice-server1 libspice-server-dev
Architecture: source amd64
Version: 0.11.0-1+deb7u1
Distribution: wheezy-security
Urgency: high
Maintainer: Liang Guo <guoliang@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
libspice-server-dev - Header files and development documentation for spice-server
libspice-server1 - Implements the server side of the SPICE protocol
spice-client - Implements the client side of the SPICE protocol
Closes: 717030 728314
Changes:
spice (0.11.0-1+deb7u1) wheezy-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Add CVE-2013-4130.patch patch.
CVE-2013-4130: unsafe clients ring access abort. An user able to
initiate spice connection to the guest could use this flaw to crash the
guest. (Closes: #717030)
* Add CVE-2013-4282.patch patch.
CVE-2013-4282: Fix buffer overflow when decrypting client SPICE ticket.
A remote user able to initiate a SPICE connection to an application
acting as a SPICE server could use this flaw to crash the application.
(Closes: #728314)
Checksums-Sha1:
761c8f2e9f1758b9f161f65589b1afb4f34b7aa4 2293 spice_0.11.0-1+deb7u1.dsc
889f96c26645b6cb050ddb0e3828a13ac29affe7 1442150 spice_0.11.0.orig.tar.bz2
aa5350fae2e61b6770929fce929b223249962bc0 21976 spice_0.11.0-1+deb7u1.debian.tar.gz
c40ce9de81192e42637609a5482eeebd741b1c6b 438090 spice-client_0.11.0-1+deb7u1_amd64.deb
37dadf12d16cae7f381a57688643d1667581e3b8 376264 libspice-server1_0.11.0-1+deb7u1_amd64.deb
bcbedcaa73a5737412c4161a20eddb44710bfba0 455444 libspice-server-dev_0.11.0-1+deb7u1_amd64.deb
Checksums-Sha256:
64a589c624c15e6151d79395fe1d3d390e5a7cf8906d4c1f45fac2567197f348 2293 spice_0.11.0-1+deb7u1.dsc
7c906ffe9723a781fbbde5a97d9693f720dd58923b91a574af7edb60120c56a5 1442150 spice_0.11.0.orig.tar.bz2
05aed9c7bb96e1d39be76d69c97c61620399b9bb0fb58da6bebfe983b26e7f1e 21976 spice_0.11.0-1+deb7u1.debian.tar.gz
c0322a592508478806b634862e490b71e492a878187a4ffb491489d5c8339235 438090 spice-client_0.11.0-1+deb7u1_amd64.deb
704648e0b4c669d434e7bff59537d562e003368afb18784588af4326e8c2ff3e 376264 libspice-server1_0.11.0-1+deb7u1_amd64.deb
b926e96c5457069f969024f1781c7018906367c5490bb3cf2c4eec2abee5802e 455444 libspice-server-dev_0.11.0-1+deb7u1_amd64.deb
Files:
67dc44a3a5bdcebca774bad24040d75a 2293 misc optional spice_0.11.0-1+deb7u1.dsc
1d36b7bba386caeb7f65a5d986c78070 1442150 misc optional spice_0.11.0.orig.tar.bz2
b558c875d893e48886ec52f11b0cc843 21976 misc optional spice_0.11.0-1+deb7u1.debian.tar.gz
e6578df68daea002f50cd66916d0cd9d 438090 misc optional spice-client_0.11.0-1+deb7u1_amd64.deb
92f6d4850ad05e55b6efb929d92bd5c3 376264 libs optional libspice-server1_0.11.0-1+deb7u1_amd64.deb
d2e36a0f017c21987aa01e437fb4d9ee 455444 libdevel optional libspice-server-dev_0.11.0-1+deb7u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iQIcBAEBCgAGBQJSyXU6AAoJEAVMuPMTQ89Eyl8P/2gLryVZySlMJpvKgAaMSLQM
pccHcOqok95W/QQouWR94k9Vo1jyea50yCkzrjfB3WDz7N02ePMENuxmJvf3M2uk
hRJ+eLdJpbHsa/eVlpy2PfiHsWkxKfdF40I8T0fXEpXsiAZn8g9bEeqsSMdItlSB
4967sFtt7r944EDhw0jwVB/lJamwZApaRcS9btxaSDt0Y8aITDRXwOUhzVguX/R5
JCQ50L3HHwcp/HxrZVItTvkmpQVG5X1WT6sMJ1XiqWg6T4LBdgjAUxRpCGKvBWJF
18uRwhU1oZpFwHSbYfENouGO0kMhgvDmWcSi92tOeoYlm39AEESqjRXCNkOQYRgH
KVOAwH57vBXfiEdivmaXwnPP2F9zOK5aMjRWadQVLEPFF1v7AFx4E70Ip497MzoJ
in8Q8IsvZBmPzm3ORiJh/UBvR6l9GBCtc5ue/wqUpcfZq7PW8yg6R4sN43stk2BX
FQV39C/xCZtdfVGSeaHj2YJDcfn7cw6RdweO6iHp4ysT30v4xw4Zft3QHviR8HG3
zUiN1aqxFmkU4NETHS8yIyac3n+3Pn5UlZuXfs54WTjRz8OiD8ezYbXAz5/DLW40
04lTYNmLfBl/uA4ccnTQC0fCbTZlLxtmdEnn/kNgTzSUuL7eoqsG4eu14OvtAejw
vF34Gzj7hZlhW3NIc4e7
=pH/i
-----END PGP SIGNATURE-----
Reply to: