| Release | Version |
|---|---|
| jessie | 0.25-1+deb8u2 |
| stretch | 0.33-3.3+deb9u2 |
| buster | 0.35-2 |
| bullseye | 0.39-1 |
| bookworm | 0.42-1 |
| trixie | 0.42-2 |
| sid | 0.42-2 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-14355 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | Multiple buffer overflow vulnerabilities were found in the QUIC image ... |
| CVE-2018-10893 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | Multiple integer overflow and buffer overflow issues were discovered i ... |
| CVE-2017-12194 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | A flaw was found in the way spice-client processed certain messages se ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-3066 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | The spice-gtk widget allows remote authenticated users to obtain infor ... |
| Bug | Description |
|---|---|
| CVE-2018-10873 | A vulnerability was discovered in SPICE before version 0.14.1 where th ... |
| CVE-2013-4324 | spice-gtk 0.14, and possibly other versions, invokes the polkit author ... |
| CVE-2012-4425 | libgio, when used in setuid or other privileged programs in spice-gtk ... |
| DSA / DLA | Description |
|---|---|
| DLA-2428-1 | spice-gtk - security update |
| ELA-299-1 | spice-gtk - security update |
| DLA-1489-1 | spice-gtk - security update |