Hey, These 3 patches are fixing CVE-2017-7506 for which the embargo was lifted today. One needs to have successfully established a SPICE connection (including authentication) before this can become an issue. Thanks to Frediano for noticing this, and working on the patches! I'll push these shortly as they were reviewed privately already. Christophe _______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/spice-devel