spice 0.14.3-1ubuntu2 source package in Ubuntu
Changelog
spice (0.14.3-1ubuntu2) groovy; urgency=medium
* SECURITY UPDATE: multiple buffer overflows in QUIC image decoding
- debian/patches/CVE-2020-14355-1.patch: check we have some data to
start decoding quic image in subprojects/spice-common/common/quic.c.
- debian/patches/CVE-2020-14355-2.patch: check image size in
quic_decode_begin in subprojects/spice-common/common/quic.c.
- debian/patches/CVE-2020-14355-3.patch: check RLE lengths in
subprojects/spice-common/common/quic_tmpl.c.
- debian/patches/CVE-2020-14355-4.patch: avoid possible buffer overflow
in find_bucket in subprojects/spice-common/common/quic_family_tmpl.c.
- CVE-2020-14355
-- Marc Deslauriers <email address hidden> Thu, 01 Oct 2020 07:00:18 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Groovy
- Original maintainer:
- Ubuntu Developers
- Architectures:
- alpha amd64 arm64 armel armhf i386 mips64el mipsel ppc64el sh4 x32
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| spice_0.14.3.orig.tar.bz2 | 1.4 MiB | 551d4be4a07667cf0543f3c895beb6da8a93ef5a9829f2ae47817be5e616a114 |
| spice_0.14.3-1ubuntu2.debian.tar.xz | 18.4 KiB | c0c8698a803db6c61418a03670768d039dada79c43fb16506284b4a50aebfadb |
| spice_0.14.3-1ubuntu2.dsc | 2.7 KiB | 8e3033cac9f959f8c9d7e7e5c50e7515a5b1e72a79d96dc09f7d1d21f9a086bc |
Available diffs
Binary packages built by this source
- libspice-server-dev: No summary available for libspice-server-dev in ubuntu hirsute.
No description available for libspice-server-dev in ubuntu hirsute.
- libspice-server1: No summary available for libspice-server1 in ubuntu hirsute.
No description available for libspice-server1 in ubuntu hirsute.
- libspice-server1-dbgsym: No summary available for libspice-server1-dbgsym in ubuntu groovy.
No description available for libspice-
server1- dbgsym in ubuntu groovy.
