-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 08 Oct 2015 17:41:09 +0200 Source: spice Binary: spice-client libspice-server1 libspice-server-dev Architecture: source amd64 Version: 0.11.0-1+deb7u2 Distribution: wheezy-security Urgency: high Maintainer: Liang Guo <guoliang@debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: libspice-server-dev - Header files and development documentation for spice-server libspice-server1 - Implements the server side of the SPICE protocol spice-client - Implements the client side of the SPICE protocol Closes: 801089 801091 Changes: spice (0.11.0-1+deb7u2) wheezy-security; urgency=high . * Non-maintainer upload by the Security Team. * Add series of patches for CVE-2015-5260 and CVE-2015-6261. CVE-2015-5260: insufficient validation of surface_id parameter can cause crash. (Closes: #801089) CVE-2015-5261: host memory access from guest using crafted images. (Closes: #801091) Checksums-Sha1: 492497a72f5115b0163c433d968b431f75476c49 2276 spice_0.11.0-1+deb7u2.dsc 850c4898591e8e10474b57b0f18deeab0edb84e9 33438 spice_0.11.0-1+deb7u2.debian.tar.gz d702c5ab5934d37b79d07068cfdcdcfc6dfdb96e 438298 spice-client_0.11.0-1+deb7u2_amd64.deb cebadde632bc68f095a0948d391d353dd52096cf 376668 libspice-server1_0.11.0-1+deb7u2_amd64.deb d987d0cf85ab1836779a64a92b80947bbe1794d9 456838 libspice-server-dev_0.11.0-1+deb7u2_amd64.deb Checksums-Sha256: 47b5f1376f7e29a71c7d67c68b0b4a1643c1076014575fa4415203ea040878bc 2276 spice_0.11.0-1+deb7u2.dsc 615354e2a4778bcacc885d02b3cf0d85cc4eec38bf63b32dcde816c75febcf22 33438 spice_0.11.0-1+deb7u2.debian.tar.gz fee899722c4b557aaf1a168f973d4af0cb4d91d0778a301f2fdeb7865df87a90 438298 spice-client_0.11.0-1+deb7u2_amd64.deb 282b9128348c5cc6c04e0f4f99cd7ddcc7d5660dbd3b252d03ca92f703b9a697 376668 libspice-server1_0.11.0-1+deb7u2_amd64.deb a712a1d834b7f41ad67cac894f29df432134adc55dcc8c498a1eac36c037e68e 456838 libspice-server-dev_0.11.0-1+deb7u2_amd64.deb Files: c8789994db6eb4360b5afe463d86a5fa 2276 misc optional spice_0.11.0-1+deb7u2.dsc 6ab31f06d2fab118944cf75b40e4b665 33438 misc optional spice_0.11.0-1+deb7u2.debian.tar.gz dfbfe9f635aeb847b99d380247909b9b 438298 misc optional spice-client_0.11.0-1+deb7u2_amd64.deb 1ff6d68b051bfe52a2ac280ea5a48c29 376668 libs optional libspice-server1_0.11.0-1+deb7u2_amd64.deb fea3f8784b179de8bef322d69d45c538 456838 libdevel optional libspice-server-dev_0.11.0-1+deb7u2_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJWF8+SAAoJEAVMuPMTQ89E6I8P/1FV7obiUyCZwqKSOyw+BOPx EyQAHKdGTLpLHuELlpHgvnY+pqThLyYggABr8d0muE/kaUXptdJLEoXcPM20ya8l 19w1BzqSELTM0kNxkbtKBjIYewTDHi9PUbGfxcxgakMOuUd08s77OdK5vpBJipV7 tnyEsKFdHidYJkClbicMxkq2EduGn22+p5jnzaSxVCbIdZBif9iMIX8QCgMZiFH9 GCs1x/8JTeGFFUXp5UiD21R5dJrlStUQ9BGYEA3ea5ejuDXwsBAVIAb87YFDkof3 xPYWYBLEmIbxXoKKs83VBKD37KE3eJypldL/P6QliNO8iv8XhqSz78Psd2OlZKO1 FrRSOiy04GtbLLoqSZ0jhIe93G44bpJy37UqFbvLstIufEdsDDg0wvKrxPBEhYGj RtZlb/1BQGmGRO6s5haVjfYyTtRfO0he45JA2b5OUbF9t8KOZxlEzFhzPQLj4VbA eKG4VrwD5alVTPu8elJAAwd24fPa6YY6mBDISybzyc+s66OvR67SQ51ok7ryJyPA 0Uhb9OlMquNkqdVuhQX2Ly0td0Wnh9tZcHWkeUA2vj4N9PGfyoL0cTwXDpnFyRwE Mx+jhzexM9KA3pdjpGGGiLogkyQqK9yfI3TomjhTATGakoXGb46l4QAK0yGr1/RV JWM298tQ7rGGTH17e81I =X/1m -----END PGP SIGNATURE-----