-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 15 Feb 2017 20:46:43 +0100 Source: spice Binary: spice-client libspice-server1 libspice-server1-dbg libspice-server-dev Architecture: source Version: 0.12.5-1+deb8u4 Distribution: jessie-security Urgency: high Maintainer: Liang Guo <guoliang@debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Description: libspice-server-dev - Header files and development documentation for spice-server libspice-server1 - Implements the server side of the SPICE protocol libspice-server1-dbg - Debugging symbols for libspice-server1 spice-client - Implements the client side of the SPICE protocol Changes: spice (0.12.5-1+deb8u4) jessie-security; urgency=high . * Non-maintainer upload by the Security Team. * Prevent possible DoS attempts during protocol handshake (CVE-2016-9578) * Prevent integer overflows in capability checks (CVE-2016-9578) * main-channel: Prevent overflow reading messages from client (CVE-2016-9577) Checksums-Sha1: 587313c4b9c73dd727b802984a22caae33719126 2524 spice_0.12.5-1+deb8u4.dsc a4ce262bfc931976e9f6cada17effc71f10bd906 29268 spice_0.12.5-1+deb8u4.debian.tar.xz Checksums-Sha256: 2b0a0c615ff4d8f8e6ead66c86c10c5dbbae2921a34bcb358c181c6b3d7a71ff 2524 spice_0.12.5-1+deb8u4.dsc b840240e8c99c82fd29843d6d206cfac400c681ac521d02f4d24cc94361473e2 29268 spice_0.12.5-1+deb8u4.debian.tar.xz Files: 93e1180a4af9eb088a8253f8a3459fe6 2524 misc optional spice_0.12.5-1+deb8u4.dsc 8cab93ddba87fedab2ac73f912a1d2ef 29268 misc optional spice_0.12.5-1+deb8u4.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAliks+VfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89ENqoP/2GUZM2q40CNNTOt4LW52vvTeuWj9jbf +zpeRsG5jzCPq/AbeZcGdccNt2vfCWRUkCSzHsJlOD3vk2jN9AJyPmTEfnXLcAO1 VxC1G4qhmLmNx/1jlZCx1yJx+uANINI82IRiY5W9UB0thFchFML9H20CAZPH3Fzr mqBA8GaO/R6L0AWbjISQYMDCw4I+r2+ViRFsyac6jQ7My+jlBb4BaMq1FwhGJjvu npLnex0stnD6rsfaVgfDz//5fP9BHv+Sr7lT0QDqR8OOQ5/+V590AQCuq4GwHPbq 1MdukQeRqjsbxaOXV6v/w/tHgIhcCtqrxI3lZkE9l3VOZ4DD6hzlaRlwOi0gQrGI AqSrlFtTnBewtMeZ7tIvqx4OaWE07h590hnUZv1PDG3Fm7ftuQiRduJgFMfnhqEN SX7kPcu0+1c0N/T2pwn0HuWxdmqWFZ9LtQKQNO1ysot4j56jE4ZE3NhuuMrkhMp8 hFJyavlT3e4h0spr2lajpJXSZ4UNHtuQOcawM32tYWt4axPJW9s2EjFyEYK0HLd0 CvNaBaiHiVuCaRBCUYyXPBhHKvZ7K3V4f9+pFdF/A65X5UwNuMbEFejlWs2Q6yTL npKKBIyVE0UvKmofyrKIp3qew0rkUfqDbJKtBJlb1Xl/zwGrt7/t9RgYt49gJxYD lL/V/PPV/uXG =jc/d -----END PGP SIGNATURE-----