[Buildroot] [PATCH 1/2] package/spice: security bump to version 0.15.0

Thomas Petazzoni thomas.petazzoni at bootlin.com
Sun Jul 18 21:30:00 UTC 2021


On Wed, 16 Jun 2021 08:10:01 +0200
Fabrice Fontaine <fontaine.fabrice at gmail.com> wrote:

> Fix CVE-2021-20201: A flaw was found in spice in versions before
> 0.14.92. A DoS tool might make it easier for remote attackers to cause a
> denial of service (CPU consumption) by performing many renegotiations
> within a single connection.
> 
> https://gitlab.freedesktop.org/spice/spice/-/tags/v0.15.0
> 
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
> ---
>  package/spice/spice.hash | 2 +-
>  package/spice/spice.mk   | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)

Both applied, thanks!

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com



More information about the buildroot mailing list