ELA-79-1 spice security update

out of bounds read

Related CVE CVE-2019-3813

Christophe Fergeau of RedHat found an off-by-one error in spice, a SPICE protocol client and server library, that leads to an out of bounds read, which can be exploited by a malicious client to cause denial of service or arbitrary code execution.

For Debian 7 Wheezy, these problems have been fixed in version 0.11.0-1+deb7u6.

We recommend that you upgrade your spice packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/