Changelog for
spice-server-devel-0.14.0-7.el7.x86_64.rpm :
Tue Dec 18 13:00:00 2018 Christophe Fergeau
- 0.14.0-7
- Fix off-by-one error during guest-to-host memory address conversion
Resolves: CVE-2019-3813
- Add patch for upstream commit 48179332d9da0. This should help with corrupted
spice-html5 displays
Resolves: rhbz#1573739
- Add missing minimum openssl version Requires for patch #24
Resolves: rhbz#1627693
Thu Aug 9 14:00:00 2018 Frediano Ziglio - 0.14.0-6
- Fix flexible array buffer overflow
Resolves: rhbz#1596008
Wed Jun 20 14:00:00 2018 Christophe Fergeau - 0.14.0-5
- Don\'t mute Record channel on client reconnection
Resolves: rhbz#1549132
- Allow to configure TLS protocol versions and ciphers which SPICE will use for
TLS communications
Resolves: rhbz#1562213
- Enable ECDH ciphers with OpenSSL 1.0
Resolves: rhbz#1566597
Fri Apr 27 14:00:00 2018 Christophe Fergeau - 0.14.0-4
- Revert back to spice 0.12 behaviour where QXL guest resources for cursor
commands are only released when the current cursor is replaced. This avoids
a QEMU regression causing crashes during migration
Resolves: rhbz#1567944
Tue Apr 3 14:00:00 2018 Christophe Fergeau - 0.14.0-3
- Disable TLSv1.0
Resolves: rhbz#1521053
Thu Oct 12 14:00:00 2017 Christophe Fergeau - 0.14.0-2
- Add streaming patches for use with spice-streaming-agent
Related: rhbz#1478356
Wed Oct 11 14:00:00 2017 Christophe Fergeau - 0.14.0-1
- Rebase to 0.14.0 release
Resolves: rhbz#1472948
Fri Sep 22 14:00:00 2017 Christophe Fergeau 0.13.90-2
- Add lz4-devel BuildRequires
Resolves: rhbz#1460191
Wed Jul 26 14:00:00 2017 Christophe Fergeau 0.13.90-1
- Rebase to latest upstream release
Resolves: rhbz#1472948
Fri Jul 14 14:00:00 2017 Jonathon Jongsma - 0.12.8-4
- build with opus support
Resolves: rhbz#1456832
Fri Jun 30 14:00:00 2017 Christophe Fergeau 0.12.8-3
- Prevent potential buffer/integer overflows with invalid MonitorsConfig messages
sent from an authenticated client
Resolves: CVE-2017-7506
Tue Apr 25 14:00:00 2017 Christophe Fergeau 0.12.8-2
- Drop clients immediatly if the magic they send is wrong
Resolves: rhbz#1416692
Mon Jan 16 13:00:00 2017 Christophe Fergeau 0.12.8-1
- Rebase to spice-server 0.12.8
Resolves: rhbz#1388947
Resolves: rhbz#1377551
Resolves: rhbz#1283202
Fri Dec 9 13:00:00 2016 Frediano Ziglio - 0.12.4-20
- Fix buffer overflow in main_channel_alloc_msg_rcv_buf when reading large
messages.
Resolves: CVE-2016-9577
- Fix remote DoS via crafted message.
Resolves: CVE-2016-9578
Fri Sep 9 14:00:00 2016 Christophe Fergeau 0.12.4-19
- Ensure SPICE_MIGRATE_COMPLETED is sent in all cases when it\'s needed.
Resolves: rhbz#1352836
Fri Jul 1 14:00:00 2016 Christophe Fergeau - 0.12.4-18
- Fix crash when connecting to VM using smartcard passthrough
Resolves: rhbz#1340899
- Fix hang after unredirecting a USB device
Resolves: rhbz#1338752
- Backport spice_qxl_set_max_monitors()
Resolves: rhbz#1283202
Wed Apr 27 14:00:00 2016 Christophe Fergeau - 0.12.4-17
- Fix crash when the client sends a wrong header (for example when using spice-html5)
Resolves: rhbz#1281442
- Fix crash when guest provides wrong address
Resolves: rhbz#1264356
- Fix thread-safety issue causing a crash when playing a Youtube video spanning
multiple monitors
Resolves: rhbz#1253375
- Add patches reducing QEMU wake-ups
Related: rhbz#912763, rhbz#1186146
- Fix use-after-free after resetting a VM
Resolves: rhbz#1281455
- Send KeepAlive probes every 10 minutes
Resolves: rhbz#1298590
- Add client to guest volume synchronization
Resolves: rhbz#1264107
Mon Apr 25 14:00:00 2016 Christophe Fergeau - 0.12.4-16
- Use autosetup
Related: CVE-2016-0749
- Fix heap-based memory corruption within smartcard handling
Resolves: CVE-2016-0749
- Fix host memory access from guest with invalid primary surface parameters
Resolves: CVE-2016-2150
Wed Sep 23 14:00:00 2015 Frediano Ziglio 0.12.4-15
- CVE-2015-5260 CVE-2015-5261 fixed various security flaws
Resolves: rhbz#1267134
Thu Sep 10 14:00:00 2015 Frediano Ziglio 0.12.4-14
- Validate surface_id
Resolves: rhbz#1260971
Tue Jul 21 14:00:00 2015 Frediano Ziglio 0.12.4-13
- Clean stale statistics file before creating a new one
Resolves: rhbz#1177326
Fri Jul 10 14:00:00 2015 Fabiano Fidêncio 0.12.4-12
- Fix a backport issue on Patch0040.
Related: rhbz#1071176
Resolves: rhbz#1241860
Thu Jul 9 14:00:00 2015 Fabiano Fidêncio 0.12.4-11
- Don\'t assert on invalid client message
Resolves: rhbz#1227410
- Don\'t truncate large \'now\' values in _spice_timer_set
Resolves: rhbz#1227408
- Avoid race conditions reading monitor configs from guest
Resolves: rhbz#1239128
- Lock the pixmap image cache for the entire fill_bits call
Resolves: rhbz#1235443
Wed Jul 8 14:00:00 2015 Fabiano Fidêncio 0.12.4-10
- Fix qemu segmentation fault (core dumped) when boot KVM guest with
spice in FIPS enabled mode.
Resolves: rhbz#1071176
Mon Jan 5 13:00:00 2015 Marc-Andre Lureau 0.12.4-9
- Allow recent TLS/SSL methods, block SSLv2/SSLv3. Resolves: rhbz#1175540
Tue Oct 21 14:00:00 2014 Christophe Fergeau 0.12.4-8
- Fix defects reported by Coverity
Resolves: rhbz#885717
- Validate surface bounding box sent from QXL driver
Resolves: rhbz#1052856
- Fix assertion sometimes happening during migration while a client is
connected
Resolves: rhbz#1035184
- Fix crash when restarting VM with old client
Resolves: rhbz#1145919
Thu Sep 18 14:00:00 2014 Christophe Fergeau 0.12.4-7
- Fix assert in mjpeg_encoder_adjust_params_to_bit_rate()
Resolves: rhbz#1086823
- Fix \"Spice-ERROR
*
*: reds.c:1464:reds_send_link_ack: assertion
`link->link_mess->channel_type == SPICE_CHANNEL_MAIN\' failed\" assertion
Resolves: rhbz#1058625
- Lower a monitor-config warning to debug level
Resolves: rhbz#1119220
- mjpeg: Don\'t warn on unsupported image formats
Resolves: rhbz#1070028
Thu Aug 7 14:00:00 2014 Marc-Andre Lureau 0.12.4-6
- Fix invalid surface clearing
Resolves: rhbz#1029646
Wed Jan 29 13:00:00 2014 Christophe Fergeau 0.12.4-5
- Fix qemu crash during migration with reboot
Resolves: rhbz#1016795
- Monitor whether the client is alive
Resolves: rhbz#1016790
Tue Oct 15 14:00:00 2013 Christophe Fergeau 0.12.4-3
- Fix spice-server crash when client sends a password which is too long
Resolves: CVE-2013-4282
Fri Sep 13 14:00:00 2013 Christophe Fergeau 0.12.4-2
- Add upstream patch fixing rhbz#995041
Fri Aug 2 14:00:00 2013 Hans de Goede - 0.12.4-1
- Add patches from upstream git to fix sound-channel-free crash (rhbz#986407)
- Add Obsoletes for dropped spice-client sub-package
Mon Jul 22 14:00:00 2013 Yonit Halperin 0.12.4-1
- New upstream release 0.12.4
- Require libjpeg-turbo-devel instead of libjpeg-devel
- Remove \"BuildRequires: spice-protocol\" from spice-server
- Add \"Requires: spice-protocol\" to spice-server-devel.
Thu May 23 14:00:00 2013 Christophe Fergeau 0.12.3-2
- Stop building spicec, it\'s obsolete and superseded by remote-viewer
(part of virt-viewer)
Tue May 21 14:00:00 2013 Christophe Fergeau 0.12.3-1
- New upstream release 0.12.3
- Drop all patches (they were all upstreamed)
Mon Apr 15 14:00:00 2013 Hans de Goede - 0.12.2-4
- Add fix from upstream for a crash when the guest uses RGBA (rhbz#952242)
Thu Mar 7 13:00:00 2013 Adam Jackson 0.12.2-4
- Rebuild for new libsasl2 soname in F19
Mon Jan 21 13:00:00 2013 Hans de Goede - 0.12.2-3
- Add a number of misc. bug-fixes from upstream
Fri Dec 21 13:00:00 2012 Adam Tkac - 0.12.2-2
- rebuild against new libjpeg
Thu Dec 20 13:00:00 2012 Hans de Goede - 0.12.2-1
- New upstream release 0.12.2
Fri Sep 28 14:00:00 2012 Hans de Goede - 0.12.0-1
- New upstream release 0.12.0
- Some minor spec file cleanups
- Enable building on arm
Thu Sep 6 14:00:00 2012 Soren Sandmann - 0.11.3-1
- BuildRequire pyparsing
Thu Sep 6 14:00:00 2012 Soren Sandmann - 0.11.3-1
- Add capability patches
- Add capability patches to the included copy of spice-protocol
Please see the comment above Patch6 and Patch7
regarding this situation.
Thu Sep 6 14:00:00 2012 Soren Sandmann - 0.11.3-1
- Update to 0.11.3 and drop upstreamed patches
- BuildRequire spice-protocol 0.12.1
Sat Jul 21 14:00:00 2012 Fedora Release Engineering - 0.10.1-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
Mon May 14 14:00:00 2012 Alon Levy
- Fix mjpeg memory leak and bad behavior.
- Add usbredir to list of channels for security purposes. (#819484)
Sun May 13 14:00:00 2012 Alon Levy
- Add double free fix. (#808936)
Tue Apr 24 14:00:00 2012 Alon Levy
- Add 32 bit fixes from git master. (#815717)
Tue Feb 28 13:00:00 2012 Fedora Release Engineering - 0.10.1-2
- Rebuilt for c++ ABI breakage
Mon Jan 23 13:00:00 2012 Hans de Goede - 0.10.1-1
- New upstream release 0.10.1
Sat Jan 14 13:00:00 2012 Fedora Release Engineering - 0.10.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
Thu Nov 10 13:00:00 2011 Alon Levy - 0.10.0-1
- New upstream release 0.10.0
- support spice-server.i686
Wed Sep 28 14:00:00 2011 Marc-André Lureau - 0.9.1-2
- Provides spice-xpi-client alternative in spice-client
Thu Aug 25 14:00:00 2011 Hans de Goede - 0.9.1-1
- New upstream release 0.9.1
Mon Jul 25 14:00:00 2011 Marc-André Lureau - 0.9.0-1
- New upstream release 0.9.0
Wed Apr 20 14:00:00 2011 Hans de Goede - 0.8.1-1
- New upstream release 0.8.1
Fri Mar 11 13:00:00 2011 Hans de Goede - 0.8.0-2
- Fix being unable to send ctrl+alt+key when release mouse is bound to
ctrl+alt (which can happen when used from RHEV-M)
Tue Mar 1 13:00:00 2011 Hans de Goede - 0.8.0-1
- New upstream release 0.8.0
Fri Feb 11 13:00:00 2011 Hans de Goede - 0.7.3-1
- New upstream release 0.7.3
Wed Feb 9 13:00:00 2011 Fedora Release Engineering - 0.7.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
Wed Jan 19 13:00:00 2011 Hans de Goede - 0.7.2-1
- New upstream release 0.7.2
Fri Dec 17 13:00:00 2010 Hans de Goede - 0.7.1-1
- New upstream release 0.7.1
- Drop all patches (all upstreamed)
- Enable smartcard (CAC) support
Wed Nov 17 13:00:00 2010 Hans de Goede - 0.6.3-4
- Fix the info layer not showing when used through the XPI
- Do not let the connection gui flash by when a hostname has been specified
on the cmdline
- Fix spice client locking up when dealing with XIM input (#654265)
- Fix modifier keys getting stuck (#655048)
- Fix spice client crashing when dealing with XIM ibus input (#655836)
- Fix spice client only showing a white screen in full screen mode
Sat Nov 6 13:00:00 2010 Hans de Goede - 0.6.3-3
- Log to ~/.spicec/cegui.log rather then to CEGUI.log in the cwd, this
fixes spicec from aborting when run in a non writable dir (#650253)
Fri Nov 5 13:00:00 2010 Hans de Goede - 0.6.3-2
- Various bugfixes from upstream git:
- Make spicec work together with the Firefox XPI for RHEV-M
- Make sure the spicec window gets properly raised when first shown
Mon Oct 18 14:00:00 2010 Hans de Goede - 0.6.3-1
- Update to 0.6.3
- Enable GUI
Thu Sep 30 14:00:00 2010 Gerd Hoffmann - 0.6.1-1
- Update to 0.6.1.
Tue Aug 31 14:00:00 2010 Alexander Larsson - 0.6.0-1
- Update to 0.6.0 (stable release)
Tue Jul 20 14:00:00 2010 Alexander Larsson - 0.5.3-1
- Update to 0.5.3
Tue Jul 13 14:00:00 2010 Gerd Hoffmann - 0.5.2-4
- Quote % in changelog to avoid macro expansion.
Mon Jul 12 14:00:00 2010 Gerd Hoffmann - 0.5.2-3
- %configure handles CFLAGS automatically, no need to fiddle
with %{optflags} manually.
Mon Jul 12 14:00:00 2010 Gerd Hoffmann - 0.5.2-2
- Fix license: LGPL.
- Cleanup specfile, drop bits not needed any more with
recent rpm versions (F13+).
- Use optflags as-is.
-
Fri Jul 9 14:00:00 2010 Gerd Hoffmann - 0.5.2-1
- initial package.