Information on source package spice

Available versions

ReleaseVersion
jessie0.12.5-1+deb8u5
jessie (security)0.12.5-1+deb8u6
stretch (security)0.12.8-2.1+deb9u1
buster0.14.0-1
sid0.14.0-1

Open issues

BugjessiestretchbustersidDescription
CVE-2018-10873fixedvulnerablevulnerablevulnerableA vulnerability was discovered in SPICE before version 0.14.1 where ...

Resolved issues

BugDescription
CVE-2017-7506spice versions though 0.13 are vulnerable to out-of-bounds memory ...
CVE-2016-9578A vulnerability was discovered in SPICE before 0.13.90 in the server's ...
CVE-2016-9577A vulnerability was discovered in SPICE before 0.13.90 in the server's ...
CVE-2016-2150SPICE allows local guest OS users to read from or write to arbitrary ...
CVE-2016-0749The smartcard interaction in SPICE allows remote attackers to cause a ...
CVE-2015-5261Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS ...
CVE-2015-5260Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS ...
CVE-2015-3247Race condition in the worker_update_monitors_config function in SPICE ...
CVE-2013-4282Stack-based buffer overflow in the reds_handle_ticket function in ...
CVE-2013-4130The (1) red_channel_pipes_add_type and (2) ...
CVE-2010-0430libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization ...
CVE-2010-0429libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) ...
CVE-2010-0428libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) ...

Security announcements

DSA / DLADescription
DLA-1486-1spice - security update
DSA-3907-1spice - security update
DSA-3907-1spice - security update
DLA-825-1spice - security update
DSA-3790-1spice - security update
DLA-531-1spice - security update
DSA-3596-1spice - security update
DSA-3371-1spice - security update
DSA-3371-1spice - security update
DSA-3354-1spice - security update
DSA-2839-1spice - denial of service

Search for package or bug name: Reporting problems