rtime.felk.cvut.cz Git - coffee/buildroot.git/commit

author	Peter Korsgaard <peter@korsgaard.com>
	Wed, 21 Jun 2017 22:07:44 +0000 (00:07 +0200)
committer	Peter Korsgaard <peter@korsgaard.com>
	Mon, 26 Jun 2017 12:33:07 +0000 (14:33 +0200)
commit	070fbefd4711fcd2b30695f1f67890134fbef4ee
tree	fe7a7b60f55a075d8f81a63319fe421ba7ca9dd8	tree \| snapshot
parent	9d47edc29c2d0ec73fcd46f1787ee65c3d8da53e	commit \| diff

spice: add post-0.12.8 upstream security fixes

Fixes the following security issues:

CVE-2016-9577

    Frediano Ziglio of Red Hat discovered a buffer overflow
    vulnerability in the main_channel_alloc_msg_rcv_buf function. An
    authenticated attacker can take advantage of this flaw to cause a
    denial of service (spice server crash), or possibly, execute
    arbitrary code.

CVE-2016-9578

    Frediano Ziglio of Red Hat discovered that spice does not properly
    validate incoming messages. An attacker able to connect to the
    spice server could send crafted messages which would cause the
    process to crash.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 087e70498ab25c76cd8542100361f79af7580eb7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/spice/0001-Prevent-possible-DoS-attempts-during-protocol-handsh.patch	[new file with mode: 0644]	blob
package/spice/0002-Prevent-integer-overflows-in-capability-checks.patch	[new file with mode: 0644]	blob
package/spice/0003-main-channel-Prevent-overflow-reading-messages-from-.patch	[new file with mode: 0644]	blob