Branch: refs/heads/release-16.09 Home: https://github.com/NixOS/nixpkgs Commit: 4562b1b138541b4485744e09d63ff570156f463f https://github.com/NixOS/nixpkgs/commit/4562b1b138541b4485744e09d63ff570156f463f Author: Graham Christensen <gra...@grahamc.com> Date: 2017-02-08 (Wed, 08 Feb 2017)
Changed paths: A pkgs/development/libraries/spice/0001-Adapting-the-following-patch-from-http-pkgs.fedorapr.patch M pkgs/development/libraries/spice/default.nix Log Message: ----------- spice: Patch for CVE-2016-9577, CVE-2016-9578 >From the Red Hat advisory: * A vulnerability was discovered in spice in the server's protocol handling. An authenticated attacker could send crafted messages to the spice server causing a heap overflow leading to a crash or possible code execution. (CVE-2016-9577) * A vulnerability was discovered in spice in the server's protocol handling. An attacker able to connect to the spice server could send crafted messages which would cause the process to crash. (CVE-2016-9578) (cherry picked from commit 77e920d874e9c1b4c41ef1250013b19e8fa792c1)
_______________________________________________ nix-commits mailing list nix-comm...@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-commits