[ubuntu/hirsute-proposed] spice-vdagent 0.20.0-2 (Accepted)

Christian Ehrhardt  christian.ehrhardt at canonical.com
Tue Dec 8 14:02:25 UTC 2020


spice-vdagent (0.20.0-2) unstable; urgency=medium

  * QA upload.
  * Set Maintainer to Debian QA Group. (see #911430)
  * Add changes from Ubuntu:
    * SECURITY UPDATE: Memory DoS via Arbitrary Entries in active_xfers Hash
      Table
      - debian/patches/CVE-2020-25650-1.patch: avoid agents allocating file
        transfers in src/vdagentd/vdagentd.c.
      - debian/patches/CVE-2020-25650-2.patch: avoid uncontrolled
        active_xfers allocations in src/vdagentd/vdagentd.c.
      - CVE-2020-25650
    * SECURITY UPDATE: Possible File Transfer DoS and Information Leak via
      active_xfers Hash Map
      - debian/patches/CVE-2020-25651-1.patch: cleanup active_xfers when the
        client disconnects in src/vdagentd/vdagentd.c.
      - debian/patches/CVE-2020-25651-2.patch: do not allow using an already
        used file-xfer id in src/vdagentd/vdagentd.c.
      - CVE-2020-25651
    * SECURITY UPDATE: Possibility to Exhaust File Descriptors in vdagentd
      - debian/patches/CVE-2020-25652-1.patch: avoid unlimited agent
        connections in src/udscs.c.
      - debian/patches/CVE-2020-25652-2.patch: limit number of agents per
        session to 1 in src/vdagentd/vdagentd.c.
      - CVE-2020-25652
    * SECURITY UPDATE: UNIX Domain Socket Peer PID Retrieved via SO_PEERCRED
      is Subject to Race Condition
      - debian/patches/CVE-2020-25653-1.patch: avoid user session hijacking
        in src/vdagent-connection.c, src/vdagent-connection.h,
        src/vdagentd/vdagentd.c.
      - debian/patches/CVE-2020-25653-2.patch: better check for sessions in
        src/vdagentd/console-kit.c, src/vdagentd/dummy-session-info.c,
        src/vdagentd/session-info.h, src/vdagentd/systemd-login.c,
        src/vdagentd/vdagentd.c.
      - CVE-2020-25653
    * Additional fixes:
      - debian/patches/CVE-2020-2565x-1.patch: avoid calling chmod in
        src/vdagentd/vdagentd.c.
    (Closes: #973769)

Date: 2020-12-04 04:51:44.733718+00:00
Signed-By: Christian Ehrhardt  <christian.ehrhardt at canonical.com>
https://launchpad.net/ubuntu/+source/spice-vdagent/0.20.0-2