[Secure-testing-team] Bug#883238: spice-vdagent: CVE-2017-15108: Improper validation of xfers->save_dir in vdagent_file_xfers_data()
Salvatore Bonaccorso
carnil at debian.org
Fri Dec 1 07:20:59 UTC 2017
Source: spice-vdagent
Version: 0.17.0-1
Severity: important
Tags: patch security upstream
Hi,
the following vulnerability was published for spice-vdagent.
CVE-2017-15108[0]:
|spice-vdagent: Improper validation of xfers->save_dir in
|vdagent_file_xfers_data()
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-15108
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15108
[1] https://cgit.freedesktop.org/spice/linux/vd_agent/commit/?id=8ba174816d245757e743e636df357910e1d5eb61
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
More information about the Secure-testing-team
mailing list