Debian Package Tracker

From: Markus Koschany <apo@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted spice 0.12.8-2.1 (source) into unstable
Date: Wed, 15 Feb 2017 21:35:18 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 13 Feb 2017 21:42:01 +0100
Source: spice
Binary: libspice-server1 libspice-server-dev
Architecture: source
Version: 0.12.8-2.1
Distribution: unstable
Urgency: medium
Maintainer: Liang Guo <guoliang@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 libspice-server-dev - Header files and development documentation for spice-server
 libspice-server1 - Implements the server side of the SPICE protocol
Closes: 854336
Changes:
 spice (0.12.8-2.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Add CVE-2016-9577-and-CVE-2016-9578.patch:
     - CVE-2016-9577: A buffer overflow vulnerability in
       main_channel_alloc_msg_rcv_buf was found that occurs when reading large
       messages due to missing buffer size check.
     - CVE-2016-9578: A vulnerability was discovered in the server's
       protocol handling. An attacker able to connect to the spice server could
       send crafted messages which would cause the process to crash.
       (Closes: #854336)
Checksums-Sha1:
 2a92d404baec1d604a0cbbc8f0edaf184910f013 2543 spice_0.12.8-2.1.dsc
 cc1d4f7eb2e30368dd19ac28ff5c3317f57e8687 10172 spice_0.12.8-2.1.debian.tar.xz
 dce4512ed3b8815e4e1af56ae2e31bb5304cb947 6602 spice_0.12.8-2.1_amd64.buildinfo
Checksums-Sha256:
 a3d26dc4c66dd84e3e954fc67cfbf28fad6a26cdded67278220aead4f9ad2f97 2543 spice_0.12.8-2.1.dsc
 15a39e0b0175b40cd8250bd56fae54128bbdfc2dccb7f61dc2cba73a5c1569ff 10172 spice_0.12.8-2.1.debian.tar.xz
 b0ef2fdd963ae1ca7cd759e9918299c13d52115c3949a4a5c75d397f2226ab9d 6602 spice_0.12.8-2.1_amd64.buildinfo
Files:
 7e7213f52c1fce7aec2427e12333b184 2543 misc optional spice_0.12.8-2.1.dsc
 26d0da36734b0a162c8eee8d7c074aca 10172 misc optional spice_0.12.8-2.1.debian.tar.xz
 81a2076c8ac391231aae292ef785ef30 6602 misc optional spice_0.12.8-2.1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAliiH9lfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hkl54P/i72Q4vAaw1McnreWvTvM3D7zNr4bNg3Wxla
mY+VJ2Ts4GtXAzrKNaudR7ilSrVyZfoEkVvXg8APrFdmHNyPPAnEaO8nCbJXhWhQ
ss9o3wjIz8QyW6KUb26x6CnlEq33YrM+sNmFmi+hLWPIVXVObjeYbrMXB8W5PpBE
oTQ/g0xPNEE4BfMn9tSdMm+utl2+KTxWtCy+9h/EeX9FObLOFt9/378PrUOz5LQf
rLl8T4NITdWoxuLW6zsUPzH9OXAcYASmn77b4lUfGrXXdPP1LCF/P8Tugvg/tTcL
HbXF3YUTKLYpK0qZYq1eUS6QHCPhf4vj4HYxYzjYqvDqIAojiQ/pUV5RYat58neX
GS5xqgmh8sOs9ZO8d4+R1fgOM45iPB+Ya2rlJSjf6kce56XL+6jkjr5GqY2NeI57
7mIOvJJGjEtEPsEBlsHXChyydQMepMUtVPONcPANIqY7SXG/GnXrv0OVToAZ6m6U
25ETaJ+TQN7IgjOAgyGgMIrn/YQ6ERs9JrcLQJ717ymNqHRCnVJCGBUf11oAqCR9
llugKfHXry/9OvTb8VCDrqaCDPSMRtdzJLkkF6jzSDQ5TH8f8fSi/RZqi9pTLMdj
guQCyyq3Lo7YKUexuaSVyEMtRA5qfOV7B4/8jVhZgNPZ3fAnMI60mkSoroPdzQIj
IFDpDy4u
=55Kn
-----END PGP SIGNATURE-----
News for package spice
