it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 3907-1] spice security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 3907-1] spice security update
Date: Tue, 11 Jul 2017 23:31:14 +0200
List-archive: https://lists.debian.org/msgid-search/20170711213114.kzgvkjywk45s2bpf AT pisco.westfalen.local
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-return-path: <jmm AT inutil.org>
Priority: urgent
Resent-date: Tue, 11 Jul 2017 21:31:31 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <Uo_FEgZZVZK.A.LMB.yOUZZB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3907-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
July 11, 2017 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : spice
CVE ID : CVE-2017-7506

Frediano Ziglio discovered a buffer overflow in spice, a SPICE protocol
client and server library which may result in memory disclosure, denial
of service and potentially the execution of arbitrary code.

For the oldstable distribution (jessie), this problem has been fixed
in version 0.12.5-1+deb8u5.

For the stable distribution (stretch), this problem has been fixed in
version 0.12.8-2.1+deb9u1.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your spice packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlllQ20ACgkQEMKTtsN8
TjbpaQ//ROlmyl4JVodVQAk8DjVYPogV48ec4deaK2eoUZjbdtnD7MMgbCVpfXwy
S28rbzVm8hLIq0Wkz7ypCRVF0PDtlAyY7xBgzRPwzeA6TmzZIh5DGHoX3vPEdCB5
i4nyYKvYJ6LZdtbAyWOIVfuJHAcOEKfNm5nAB2jTrb0zFOArzjYpIRM2qxPl4OPq
u+eFgFd0KF+VXoEPkuINl5FgRdO2ykWQUeP1U22KNUcR6cwWLLtpx+1E9eV5Y6RN
Ii3RzEJQLTmAemHE2cp19I66bbVWWtgUXFzePeNGr6zYM8K/o+g5O0dPdGbuo8Md
E3KUyQlBSLAm+fH1WPu59Q5HaQBPHy9jDMQHqeOLIB9/i75JQ5Y84he3FupsAvJl
EdbU/iAzc7mBCFfhec+rVZkabo/9GW4JeIH55fyeikcYDpqnzrr7NbAZMUz1XGtj
Lqv6mC5yG6WpFSq8rGyPjxKyUbzy37caB8E5M4rtP8Jk8QfXh2cheZ2T5LkvjjYA
AnAmTF4OF2cnwBwu3shzxWXxYx9ln8JNYywJJ/7qa/q8MZqWrEq9nMhR0CVqqim4
YEzRl2ztImL1RnA3JzbLDlC5k8jARs5gXOpAr0JfZRusk8+shnEY7YvxTRQtgjB7
GwfBPJ1eILuqpQiGSIyOvApUmoFKXCNB3miu2IyIBBdrszHGHkA=
=hBBD
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 3907-1] spice security update, Moritz Muehlenhoff, 11.07.2017

Archiv bereitgestellt durch MHonArc 2.6.19.