-
spice (0.11.0-1+deb7u2) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
* Add series of patches for CVE-2015-5260 and CVE-2015-6261.
CVE-2015-5260: insufficient validation of surface_id parameter can cause
crash. (Closes: #801089)
CVE-2015-5261: host memory access from guest using crafted images.
(Closes: #801091)
-- Salvatore Bonaccorso <email address hidden> Thu, 08 Oct 2015 17:41:09 +0200
-
spice (0.11.0-1+deb7u1) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
* Add CVE-2013-4130.patch patch.
CVE-2013-4130: unsafe clients ring access abort. An user able to
initiate spice connection to the guest could use this flaw to crash the
guest. (Closes: #717030)
* Add CVE-2013-4282.patch patch.
CVE-2013-4282: Fix buffer overflow when decrypting client SPICE ticket.
A remote user able to initiate a SPICE connection to an application
acting as a SPICE server could use this flaw to crash the application.
(Closes: #728314)
-- Salvatore Bonaccorso <email address hidden> Fri, 03 Jan 2014 17:52:06 +0100
-
spice (0.11.0-1) unstable; urgency=low
* New upstream release
* Breaks spice-gtk (<= 0.12-2)
* Refresh debian/libspice-server1.symbols
* debian/control:
- Update my e-mail address
- Add python-pyparsing to Build-Depends
* debian/patches:
- Remove fix-error-path-return-in-snd_set_record_peer.patch,
applied upstream
- Refresh make-celt-to-be-optional.patch
- Refresh link-libspice-server-with-libm-libpthread.patch
* Simplify debian/rules, celt removed, no reason to use
traditional one
* Disable smartcard, not in debian yet
* Refresh debian/copyright
-- Liang Guo <email address hidden> Sat, 09 Jun 2012 11:33:05 +0800
-
spice (0.10.1-2) unstable; urgency=low
* added dependency on libxinerama-dev to
libspice-server-dev, temporarily, till
either upstream or we will have better
solution. libspice-server does not use
xinerama in any way, yet it is listed in
the requiriments in the pkg-config file,
which is generated at configure time.
(Closes: #658173)
-- Michael Tokarev <email address hidden> Wed, 01 Feb 2012 01:08:34 +0400
-
spice (0.10.0-1) unstable; urgency=low
[ Liang Guo ]
* New upstream release (Closes: #651262)
* Refresh debian/copyright
* Remove fix-typo-in-cmd_line_parser-cpp.patch, applied upstream
* Remove fix-typo-in-record-cpp.patch, applied upstream
* Remove use-requires-private-for-libspice-pkgconfig.patch, applied upstream
* Change Build-Depends on libspice-protocol-dev to (>= 0.9.1~)
* Refresh libspice-server1.symbols
* Update debian/rules clean target
* Ignore common/win/my_getopt-1.5/Makefile change when building package
* debian/control: set DMUA
[ Michael Tokarev ]
* use `rm -f' instead of `-rm' in debian/rules clean targets
* remove python_modules/*.pyc in clean target
-- Liang Guo <email address hidden> Tue, 29 Nov 2011 14:37:08 +0800
-
spice (0.8.3-1) unstable; urgency=low
* New upstream release
* Update debian/copyright to fit DEP-5
* Remove drop-unnecessary-build-request.patch, applied upstream
* Update Build-Depends on libspice-protocol-dev to 0.8.2~
* Disable GUI support, CEGUI version in Debian not supported
* Add libjpeg-dev to Build-Depends
* Refresh libspice-server1.symbols
-- Liang Guo <email address hidden> Thu, 20 Oct 2011 11:13:23 +0800
-
spice (0.8.2-2) unstable; urgency=low
[ Michael Tokarev ]
* move libraries used internally by libspice-server from Requires
to Requires.private in pkg-config file
[ Liang Guo ]
* Add libpixman-1-dev and libssl-dev to libspice-server-dev
Depends (Closes: #637189)
* Remove alsa, xrandr, xfixes, x11, xext and xrender
from spice-server.pc Requires
* Fix typo in debian/spicec.1
-- Liang Guo <email address hidden> Tue, 16 Aug 2011 10:36:31 +0800
-
spice (0.8.2-1) unstable; urgency=low
* Initial release (Closes: #560721) -- Liang Guo <email address hidden> Sat, 23 Jul 2011 12:21:04 +0800
