Branch: refs/heads/release-16.09
Home: https://github.com/NixOS/nixpkgs
Commit: 4562b1b138541b4485744e09d63ff570156f463f
https://github.com/NixOS/nixpkgs/commit/4562b1b138541b4485744e09d63ff570156f463f
Author: Graham Christensen <[email protected]>
Date: 2017-02-08 (Wed, 08 Feb 2017)
Changed paths:
A
pkgs/development/libraries/spice/0001-Adapting-the-following-patch-from-http-pkgs.fedorapr.patch
M pkgs/development/libraries/spice/default.nix
Log Message:
-----------
spice: Patch for CVE-2016-9577, CVE-2016-9578
>From the Red Hat advisory:
* A vulnerability was discovered in spice in the server's protocol
handling. An authenticated attacker could send crafted messages to
the spice server causing a heap overflow leading to a crash or
possible code execution. (CVE-2016-9577)
* A vulnerability was discovered in spice in the server's protocol
handling. An attacker able to connect to the spice server could send
crafted messages which would cause the process to crash.
(CVE-2016-9578)
(cherry picked from commit 77e920d874e9c1b4c41ef1250013b19e8fa792c1)
_______________________________________________
nix-commits mailing list
[email protected]
http://lists.science.uu.nl/mailman/listinfo/nix-commits
