-
Committer:
Package Import Robot
-
Author(s):
Salvatore Bonaccorso
-
Date:
2014-01-03 17:52:06 UTC
-
Revision ID:
package-import@ubuntu.com-20140103175206-uviowf6qd2uzvaeg
Tags: 0.11.0-1+deb7u1
* Non-maintainer upload by the Security Team.
* Add CVE-2013-4130.patch patch.
CVE-2013-4130: unsafe clients ring access abort. An user able to
initiate spice connection to the guest could use this flaw to crash the
guest. (Closes: #717030)
* Add CVE-2013-4282.patch patch.
CVE-2013-4282: Fix buffer overflow when decrypting client SPICE ticket.
A remote user able to initiate a SPICE connection to an application
acting as a SPICE server could use this flaw to crash the application.
(Closes: #728314)