[Nix-commits] [NixOS/nixpkgs] 4562b1: spice: Patch for CVE-2016-9577, CVE-2016-9578

Graham Christensen Wed, 08 Feb 2017 19:06:05 -0800

  Branch: refs/heads/release-16.09
  Home:   https://github.com/NixOS/nixpkgs
  Commit: 4562b1b138541b4485744e09d63ff570156f463f
      
https://github.com/NixOS/nixpkgs/commit/4562b1b138541b4485744e09d63ff570156f463f
  Author: Graham Christensen <gra...@grahamc.com>
  Date:   2017-02-08 (Wed, 08 Feb 2017)


  Changed paths:
    A 
pkgs/development/libraries/spice/0001-Adapting-the-following-patch-from-http-pkgs.fedorapr.patch
    M pkgs/development/libraries/spice/default.nix

  Log Message:
  -----------
  spice: Patch for CVE-2016-9577, CVE-2016-9578

>From the Red Hat advisory:

* A vulnerability was discovered in spice in the server's protocol
  handling. An authenticated attacker could send crafted messages to
  the spice server causing a heap overflow leading to a crash or
  possible code execution. (CVE-2016-9577)

* A vulnerability was discovered in spice in the server's protocol
  handling. An attacker able to connect to the spice server could send
  crafted messages which would cause the process to crash.
  (CVE-2016-9578)

(cherry picked from commit 77e920d874e9c1b4c41ef1250013b19e8fa792c1)

_______________________________________________
nix-commits mailing list
nix-comm...@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-commits

[Nix-commits] [NixOS/nixpkgs] 4562b1: spice: Patch for CVE-2016-9577, CVE-2016-9578

Reply via email to