-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : spice Version : 0.12.5-1+deb8u7 CVE ID : CVE-2019-3813 Debian Bug : 920762
Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service (spice server crash), or possibly, execution of arbitrary code. For Debian 8 "Jessie", this problem has been fixed in version 0.12.5-1+deb8u7. We recommend that you upgrade your spice packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlxR0KMACgkQnUbEiOQ2 gwIcvQ/8CTN3oXVpYlP4S3M5RDw6hODVs4mVybrfhtejODuDx0GxMjg2Iv9m8jv0 KjIIaiTKc9cDFeRoc0mi5vA4ZBqCY98OFX7BQfNBhEdVbaAUjxeTCXR6Mddg2VwZ Zg9YfVWACCovmcDszmzGzheD7a/x3aWTZlZuwiTC2+aORqWHGsWQhrsovM1aSDoQ VXrAvuuzrtFks3FoYG2Y8RqBT9FZsUfBq4BVBtN7WJm7xsEebFxjhQEgb37vNhFB 9qQtHJ0L6mstkY9Dmb+jLz2iPh0qn1Lxin67P8FOnRGfEYgYmKjqhxDyl2W3TFiX TCksBGdz+Xyfw8fV+thMFKJmUZwfmv550mqD4yKItrxztS06Bi0S3PHU1PMLRhSq VRZzCTY4is672amqPYMuwpQpa4DlpVh6S30enH8IyD0LPwZJqyi+kwgLUJe0OcT+ 2qGGcRpwTAffL/rFlznUBhCQdDYfOCvCoJ+om4E5+rnxFKJrRrXPaNAC5rDzRi7B cjH/JaMx1GEUxGIXx5YCKVXbsGxMvYIiqN8Q3hPed6wDv0iY3uTi77NPsYz8igWk RqWblmYba8NFsfpYPGIRn04Djk1YUsvmMPo0MzrMGBtX5i8Pr5ox28mo7xrQ7ZZV TNqYKCrMYafOsBLrSnjhpKgfvALrnuVHzweVFByvHPfY2QkoaCI= =u/JL -----END PGP SIGNATURE-----
