Univention Bugzilla – Bug 52291
spice: Multiple issues (4.4)
Last modified: 2020-11-04 14:49:26 CET
New Debian spice 0.12.8-2.1+deb9u4 fixes: This update addresses the following issue: * multiple buffer overflow vulnerabilities in QUIC decoding code (CVE-2020-14355)
--- mirror/ftp/4.4/unmaintained/4.4-0/source/spice_0.12.8-2.1+deb9u3.dsc +++ apt/ucs_4.4-0-errata4.4-6/source/spice_0.12.8-2.1+deb9u4.dsc @@ -1,3 +1,9 @@ +0.12.8-2.1+deb9u4 [Sun, 01 Nov 2020 21:35:01 +0530] Utkarsh Gupta <utkarsh@debian.org>: + + * Non-maintainer upload by the LTS Team. + * Add patch to fix multiple buffer overflow vulnerabilities. + (Fixes: CVE-2020-14355) (Closes: #971750) + 0.12.8-2.1+deb9u3 [Sun, 27 Jan 2019 17:28:58 +0100] Salvatore Bonaccorso <carnil@debian.org>: * Non-maintainer upload by the Security Team. <http://10.200.17.11/4.4-6/#5885975810582660146>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-6] f0ee52b211 Bug #52291: spice 0.12.8-2.1+deb9u4 doc/errata/staging/spice.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+)
<https://errata.software-univention.de/#/?erratum=4.4x790>