Package "libspice-server1"

Name:	libspice-server1
Description:	Implements the server side of the SPICE protocol
Latest version:	0.12.6-4ubuntu0.5
Release:	xenial (16.04)
Level:	updates
Repository:	main
Head package:	spice
Homepage:	http://spice-space.org/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "libspice-server1"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "libspice-server1" in Xenial

Repository	Area	Version
base	main	0.12.6-4
security	main	0.12.6-4ubuntu0.5

Changelog

Version: 0.12.6-4ubuntu0.5 2020-10-06 15:06:17 UTC

Version: 0.12.6-4ubuntu0.5	2020-10-06 15:06:17 UTC
spice (0.12.6-4ubuntu0.5) xenial-security; urgency=medium * SECURITY UPDATE: multiple buffer overflows in QUIC image decoding - debian/patches/CVE-2020-14355-1.patch: check we have some data to start decoding quic image in spice-common/common/quic.c. - debian/patches/CVE-2020-14355-2.patch: check image size in quic_decode_begin in spice-common/common/quic.c. - debian/patches/CVE-2020-14355-3.patch: check RLE lengths in spice-common/common/quic_tmpl.c. - debian/patches/CVE-2020-14355-4.patch: avoid possible buffer overflow in find_bucket in spice-common/common/quic_family_tmpl.c. - CVE-2020-14355 -- Marc Deslauriers <email address hidden> Thu, 01 Oct 2020 07:15:42 -0400
Source diff to previous version

spice (0.12.6-4ubuntu0.5) xenial-security; urgency=medium * SECURITY UPDATE: multiple buffer overflows in QUIC image decoding - debian/patches/CVE-2020-14355-1.patch: check we have some data to start decoding quic image in spice-common/common/quic.c. - debian/patches/CVE-2020-14355-2.patch: check image size in quic_decode_begin in spice-common/common/quic.c. - debian/patches/CVE-2020-14355-3.patch: check RLE lengths in spice-common/common/quic_tmpl.c. - debian/patches/CVE-2020-14355-4.patch: avoid possible buffer overflow in find_bucket in spice-common/common/quic_family_tmpl.c. - CVE-2020-14355 -- Marc Deslauriers <email address hidden> Thu, 01 Oct 2020 07:15:42 -0400

Source diff to previous version

Version: 0.12.6-4ubuntu0.4 2019-01-28 21:07:07 UTC

spice (0.12.6-4ubuntu0.4) xenial-security; urgency=medium * SECURITY UPDATE: off-by-one error in memslot_get_virt - debian/patches/CVE-2019-3813.patch: fix checks in server/red_memslots.c. - CVE-2019-3813 -- Marc Deslauriers <email address hidden> Thu, 24 Jan 2019 09:45:07 -0500

Source diff to previous version

CVE-2019-3813

Off-by-one error in array access in spice/server/memslot.c

Version: 0.12.6-4ubuntu0.3 2017-07-19 18:07:22 UTC

spice (0.12.6-4ubuntu0.3) xenial-security; urgency=medium * SECURITY UPDATE: buffer overflow via invalid monitor configurations - debian/patches/CVE-2017-7506-1.patch: disconnect when receiving overly big ClientMonitorsConfig in server/reds.c. - debian/patches/CVE-2017-7506-2.patch: avoid integer overflows handling monitor configuration in server/reds.c. - debian/patches/CVE-2017-7506-3.patch: avoid buffer overflows handling monitor configuration in server/reds.c. - CVE-2017-7506 -- Marc Deslauriers <email address hidden> Tue, 18 Jul 2017 13:34:33 -0400

Source diff to previous version

CVE-2017-7506

spice versions though 0.13 are vulnerable to out-of-bounds memory ...

Version: 0.12.6-4ubuntu0.2 2017-02-20 20:07:15 UTC

Version: 0.12.6-4ubuntu0.2	2017-02-20 20:07:15 UTC
spice (0.12.6-4ubuntu0.2) xenial-security; urgency=medium * SECURITY UPDATE: overflow when reading large messages - debian/patches/CVE-2016-9577.patch: check size in server/main_channel.c. - CVE-2016-9577 * SECURITY UPDATE: DoS via crafted message - debian/patches/CVE-2016-9578-1.patch: limit size in server/reds.c. - debian/patches/CVE-2016-9578-2.patch: limit caps in server/reds.c. - CVE-2016-9578 -- Marc Deslauriers <email address hidden> Wed, 15 Feb 2017 14:02:33 -0500
Source diff to previous version

spice (0.12.6-4ubuntu0.2) xenial-security; urgency=medium * SECURITY UPDATE: overflow when reading large messages - debian/patches/CVE-2016-9577.patch: check size in server/main_channel.c. - CVE-2016-9577 * SECURITY UPDATE: DoS via crafted message - debian/patches/CVE-2016-9578-1.patch: limit size in server/reds.c. - debian/patches/CVE-2016-9578-2.patch: limit caps in server/reds.c. - CVE-2016-9578 -- Marc Deslauriers <email address hidden> Wed, 15 Feb 2017 14:02:33 -0500

Source diff to previous version

Version: 0.12.6-4ubuntu0.1 2016-06-21 15:06:36 UTC

spice (0.12.6-4ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: denial of service and possible code execution via memory allocation flaw in smartcard interaction - debian/patches/CVE-2016-0749/*.patch: add a ref to item and allocate msg with the expected size in server/smartcard.c. - CVE-2016-0749 * SECURITY UPDATE: host memory access from guest with invalid primary surface parameters - debian/patches/CVE-2016-2150/*.patch: create a function to validate surface parameters in server/red_parse_qxl.*, improve primary surface parameter checks in server/red_worker.c. - CVE-2016-2150 -- Marc Deslauriers <email address hidden> Fri, 10 Jun 2016 10:12:39 -0400

CVE-2016-0749	The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code v
CVE-2016-2150	SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to

About - Send Feedback to @ubuntu_updates

Package "libspice-server1"

Links

Download "libspice-server1"

Other versions of "libspice-server1" in Xenial

Changelog

Share this page

Bookmarks

Latest updates

security

proposed

updates

PPA updates