Publishing details

• Published on 2016-06-22

Changelog

spice (0.12.4-0nocelt2ubuntu1.3~cloud0) precise-icehouse; urgency=medium

  * New update for the Ubuntu Cloud Archive.

spice (0.12.4-0nocelt2ubuntu1.3) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service and possible code execution via
    memory allocation flaw in smartcard interaction
    - debian/patches/CVE-2016-0749/*.patch: add a ref to item and allocate
      msg with the expected size in server/smartcard.c.
    - CVE-2016-0749
  * SECURITY UPDATE: host memory access from guest with invalid primary
    surface parameters
    - debian/patches/CVE-2016-2150/*.patch: create a function to validate
      surface parameters in server/red_parse_qxl.*, improve primary surface
      parameter checks in server/red_worker.c.
    - CVE-2016-2150
  * Added two extra commits to previous security update:
    - 0001-worker-validate-correctly-surfaces.patch
    - 0002-worker-avoid-double-free-or-double-create-of-surface.patch

 -- Openstack Ubuntu Testing Bot <email address hidden>  Wed, 22 Jun 2016 03:11:54 +0000

Builds

• amd64
• i386

Built packages

• libspice-server-dev Header files and development documentation for spice-server

• libspice-server1 Implements the server side of the SPICE protocol

• spice-client Implements the client side of the SPICE protocol

Package files

• libspice-server-dev_0.12.4-0nocelt2ubuntu1.3~cloud0_amd64.deb (492.4 KiB)
• libspice-server-dev_0.12.4-0nocelt2ubuntu1.3~cloud0_i386.deb (480.9 KiB)
• libspice-server1_0.12.4-0nocelt2ubuntu1.3~cloud0_amd64.deb (401.2 KiB)
• libspice-server1_0.12.4-0nocelt2ubuntu1.3~cloud0_i386.deb (395.9 KiB)
• spice-client_0.12.4-0nocelt2ubuntu1.3~cloud0_amd64.deb (429.2 KiB)
• spice-client_0.12.4-0nocelt2ubuntu1.3~cloud0_i386.deb (424.1 KiB)
• spice_0.12.4-0nocelt2ubuntu1.3~cloud0.debian.tar.gz (37.8 KiB)
• spice_0.12.4-0nocelt2ubuntu1.3~cloud0.dsc (2.3 KiB)
• spice_0.12.4.orig.tar.bz2 (1.6 MiB)