Hey, I just realized the patches fixing CVE-2016-0749 were never sent upstream (I wrongly assumed this had been done already :( Here are a version of the fixes which make them apply to master. Christophe _______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/spice-devel