summaryrefslogtreecommitdiffstats
path: root/package/glmark2/0002-NativeStateDRM-use-fixed-event-context-version.patch
diff options
context:
space:
mode:
authorPeter Korsgaard <peter@korsgaard.com>2017-06-22 00:07:43 +0200
committerPeter Korsgaard <peter@korsgaard.com>2017-06-22 23:25:30 +0200
commit75057fe76742188455a5218b47cdf4116d84c268 (patch)
treefd0533bf1d66c24cbd4f7e64fefdad8ae80758b3 /package/glmark2/0002-NativeStateDRM-use-fixed-event-context-version.patch
parent622ff3d6ea63ca7c7aab7e5609cfb1e4190eff8a (diff)
downloadbuildroot-75057fe76742188455a5218b47cdf4116d84c268.tar.gz
buildroot-75057fe76742188455a5218b47cdf4116d84c268.zip
spice: security bump to version 0.12.8
Fixes the following security issues: CVE-2016-0749: The smartcard interaction in SPICE allows remote attackers to cause a denial of service (QEMU-KVM process crash) or possibly execute arbitrary code via vectors related to connecting to a guest VM, which triggers a heap-based buffer overflow. CVE-2016-2150: SPICE allows local guest OS users to read from or write to arbitrary host memory locations via crafted primary surface parameters, a similar issue to CVE-2015-5261. The pyparsing check has been dropped from configure, and the spice protocol definition is again included, so the workarounds can be removed. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/glmark2/0002-NativeStateDRM-use-fixed-event-context-version.patch')
0 files changed, 0 insertions, 0 deletions
OpenPOWER on IntegriCloud