Source: spice Version: 0.14.0-1.2 Severity: grave Tags: security upstream Control: found -1 0.12.8-2.1+deb9u2 Control: found -1 0.12.8-2.1 Control: fixed -1 0.12.8-2.1+deb9u3
Hi, The following vulnerability was published for spice. CVE-2019-3813[0]: Off-by-one error in array access in spice/server/memslot.c If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-3813 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3813 [1] https://www.openwall.com/lists/oss-security/2019/01/28/2 Regards, Salvatore