SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for spice-server-0.12.4-16.el6.x86_64.rpm :
Fri Dec 9 13:00:00 2016 Frediano Ziglio - 0.12.4-16
- Fix buffer overflow in main_channel_alloc_msg_rcv_buf when reading large
messages.
Resolves: CVE-2016-9577
- Fix remote DoS via crafted message.
Resolves: CVE-2016-9578

Tue Sep 6 14:00:00 2016 Victor Toso - 0.12.4-15
- Avoid spice assertion when changing sized stream
Resolves: rhbz#1274575
- Make red_client_{ref,unref} thread safe to avoid crash
Resolves: rhbz#1361946

Tue Apr 26 14:00:00 2016 Christophe Fergeau - 0.12.4-14
- Fix heap-based memory corruption within smartcard handling
Resolves: CVE-2016-0749
- Fix host memory access from guest with invalid primary surface parameters
Resolves: CVE-2016-2150

Fri Jan 22 13:00:00 2016 Christophe Fergeau 0.12.4-13
- Fix \" qemu-kvm: spicevmc.c:324: spicevmc_red_channel_alloc_msg_rcv_buf:
Assertion `!state->recv_from_client_buf\' failed.\" assertion during migration
Resolves: rhbz#1264113

Wed Sep 23 14:00:00 2015 Frediano Ziglio 0.12.4-12.3
- CVE-2015-5260 CVE-2015-5261 fixed various security flaws
Resolves: rhbz#1262770

Wed Sep 23 14:00:00 2015 Frediano Ziglio 0.12.4-12.2
- Validate surface_id
Resolves: rhbz#1262770

Tue Jul 21 14:00:00 2015 Christophe Fergeau 0.12.4-12.1
- Avoid race conditions reading monitor configs from guest. This race could
trigger memory corruption host-side
Resolves: rhbz#1239124

Mon Mar 2 13:00:00 2015 Christophe Fergeau 0.12.4-12
- Fix spicevmc-related crash which could be triggered with older clients
Resolves: rhbz#1163480
- Fix crash when using VNC + QXL + rhel-6.0.0 machine type
Resolves: rhbz#1135372

Thu Aug 7 14:00:00 2014 Marc-Andre Lureau 0.12.4-11
- Fix invalid surface clearing
Resolves: rhbz#1127342

Tue Aug 5 14:00:00 2014 Marc-Andre Lureau 0.12.4-10
- Fix crash on invalid client message.
Resolves: rhbz#962187

Tue Jun 3 14:00:00 2014 Christophe Fergeau 0.12.4-9
- Fix potential infinite loop on long running VMs (> 46 days)
Resolves: rhbz#1072700
- Fix assertion in video streaming code
Resolves: rhbz#1086820

Fri Apr 25 14:00:00 2014 Christophe Fergeau 0.12.4-8
- Fix bad dates in changelog
Resolves: rhbz#1038670
- Fix crash on migration during reboot
Resolves: rhbz#1004443
- Use TLS 1.0 or better
Resolves: rhbz#1035695

Mon Dec 2 13:00:00 2013 Uri Lublin 0.12.4-7
- Monitor whether the client is alive
Resolves: rhbz#994175

Mon Oct 14 14:00:00 2013 Christophe Fergeau 0.12.4-6
- Fix bad error handling in the patch for CVE-2013-4282
Related: rhbz#999839 (CVE-2013-4282)

Thu Oct 10 14:00:00 2013 Christophe Fergeau 0.12.4-5
- Make sure we build with -Wl,-z,relro. We used to be getting that flag
from openssl, but this is no longer the case, and rpmdiff gave a huge
warning about it being gone
Related: rhbz#999839 (CVE-2013-4282)

Mon Sep 2 14:00:00 2013 Christophe Fergeau 0.12.4-4
- Fix spice-server crash when client sends a password which is too long
Resolves: rhbz#999839 (CVE-2013-4282)

Tue Aug 27 14:00:00 2013 Uri Lublin - 0.12.4-3
- decrease the timeout for flushing commands and waiting for client.
Resolves: rhbz#995041

Mon Jul 29 14:00:00 2013 Yonit Halperin - 0.12.4-2
- Fix crashes when client is disconnected
Resolves: rhbz#918169

Thu Jul 18 14:00:00 2013 Uri Lublin - 0.12.4-1
- Rebase to upstream 0.12.4
Resolves: rhbz#952671
Resolves: rhbz#859027
Resolves: rhbz#823472
Resolves: rhbz#961848
Resolves: rhbz#977998
Resolves: rhbz#887775

Thu Jun 27 14:00:00 2013 Uri Lublin - 0.12.3-1
- Rebase to upstream 0.12.3 + some additional patches
Resolves: rhbz#952671
Resolves: rhbz#884812
Resolves: rhbz#918472
Resolves: rhbz#958276
Resolves: rhbz#978403

Sun May 19 14:00:00 2013 Uri Lublin - 0.12.0-14
- Fix a crash running a F19 guest -- do not abort on stride > 0
Resolves: rhbz#952666

Sun May 19 14:00:00 2013 Uri Lublin - 0.12.0-13
- Migration related fixes

* Destroy video streams before sending MSG_MIGRATE

* Fix wrong is_low_bandwidth setting after 2 migrations of a session
that was originally a low bandwidth one.
Resolves: rhbz#950029
Resolves: rhbz#956345

Wed Jan 16 13:00:00 2013 Hans de Goede - 0.12.0-12
- Fix a crash when rapidly changing monitor configuration
Resolves: rhbz#868807

Wed Jan 9 13:00:00 2013 Uri Lublin 0.12.0-11
- Fix a crash when setting screen-saver properties.
- Fix a leak.
Resolves: rhbz#891326

Thu Dec 20 13:00:00 2012 Yonit Halperin 0.12.0-10
- Fix throwing away drawables that have masks
Resolves: rhbz#864982

Mon Dec 17 13:00:00 2012 Uri Lublin 0.12.0-9
- Fix calling set_client_capabilities when it is unsupported by qemu
(fixes a crash when qemu-kvm is started with spice but without qxl)
Resolves: rhbz#880276

Fri Dec 7 13:00:00 2012 Yonit Halperin 0.12.0-8
- Fix crash when reconnecting while a video is played
Resolves: rhbz#883564

Mon Dec 3 13:00:00 2012 Yonit Halperin 0.12.0-7
- Fix mishandling of agent data received from the client after agent disconnection
Resolves: rhbz#881980

Thu Nov 29 13:00:00 2012 Yonit Halperin 0.12.0-6
- Fix sending internal images with stride > bpp
*width to lz compression
Resolves: rhbz#876685

Mon Nov 26 13:00:00 2012 Yonit Halperin 0.12.0-5
- Fix various migration related bugs

* don\'t process both cmd ring and dispatcher queue till migration data is received

* fix assigning bad memory references to marshaller

* fix memory corruption when receiving display migration data that exceeds 1024 bytes
Resolves: rhbz#866929
Resolves: rhbz#862352
Resolves: rhbz#878700

Wed Nov 21 13:00:00 2012 Uri Lublin 0.12.0-4
- Build/Requires libjpeg-turbo-devel instead of libjpeg-devel
- Related: rhbz#788687

Thu Nov 15 13:00:00 2012 Alon Levy 0.12.0-3
- don\'t call set_client_capabilities if vm is stopped.
- Resolves: rhbz#867405

Mon Oct 29 13:00:00 2012 Uri Lublin 0.12.0-2
- Make spice-server-devel package Require spice-protocol >= 0.12.2
- Related: rhbz#842353

Thu Sep 20 14:00:00 2012 Uri Lublin 0.12.0-1
- Rebase to upstream spice-server 0.12.0, which adds:

* support setting client monitor configuration via device
QXLInterface::client_monitors_config

* support notifying guest of client capabilities
QXLInterface::set_client_capabilities

* new capability for A8 Surface support
Resolves: rhbz#836123
Resolves: rhbz#842353
Resolves: rhbz#842310

Mon Sep 3 14:00:00 2012 Uri Lublin 0.11.3-1
- Rebase to upstream spice-server 0.11.3, which adds:

* Support for seamless migration

* Support for Render

* spice-protocol is in the tarball now (a submodule in git)
Resolves: rhbz#836123
Resolves: rhbz#842353

Sun May 20 14:00:00 2012 Yonit Halperin 0.10.1-10
- Fix crash in video streaming
Resolves: rhbz#822686

Wed May 16 14:00:00 2012 Yonit Halperin 0.10.1-9
- Fix memory leak during video streaming
Resolves rhbz#821334
- Fix segfault introduced when fixing rhbz#813826
Related: rhbz#813826

Tue May 15 14:00:00 2012 Alon Levy - 0.10.1-8
- Fix self_bitmap lifetime to that of RedDrawable
Resolves rhbz#821235

Tue May 8 14:00:00 2012 Alon Levy - 0.10.1-7
- Add usbredir to list of channels for security purposes
Resolves rhbz#819484

Mon May 7 14:00:00 2012 Yonit Halperin - 0.10.1-6
- Fix glitches in youtube movies
+ support video streams with frames of different sizes
Resolves: rhbz#813826

Thu Apr 5 14:00:00 2012 Hans de Goede - 0.10.1-5
- Don\'t free the rcc twice when unregistering an usbredir chardev
Resolves: rhbz#806169

Mon Mar 5 13:00:00 2012 Christophe Fergeau - 0.10.1-4
- add more logging for expired/invalid tickets
Resolves: rhbz#787669
- add more logging about use of certificates
Resolves: rhbz#787678

Thu Feb 23 13:00:00 2012 alon - 0.10.1-3
- fix race that can lead to accessing freed memory
Resolves: rhbz#790749

Wed Feb 22 13:00:00 2012 Yonit Halperin - 0.10.1-2
- support IPV6 addresses in channel events sent to qemu
Resolves: rhbz#788444

Mon Jan 23 13:00:00 2012 Hans de Goede - 0.10.1-1
- Rebase to upstream 0.10.1
Resolves: rhbz#758089
- This release adds support for usbredirection
Resolves: rhbz#758091
- This release fixes a bug in smartcard error handling
Resolves: rhbz#741259

Wed Oct 26 14:00:00 2011 Alon Levy - 0.8.2-5
- main dispatcher added
Resolves: rhbz#746950

Wed Sep 28 14:00:00 2011 Uri Lublin - 0.8.2-4
- semi-seamless migration support
- added pyparsing.py as source, and using it to build the package.
- client patches are not applied.
- requires spice-protocol-0.8.1-2 (equivalent to upstream 0.8.2)
- advertise itself as version 0.8.3, to notify the new feature.
Resolves: rhbz#738266

Mon Aug 1 14:00:00 2011 Uri Lublin - 0.8.2-3
- Drop unnecessary X11 and alsa requires from spice-server.pc
+ Fix a rpmdiff warning
Related: rhbz#723676
- server/red_dispatcher: fix wrong resolution set for tablet
Resolves: rhbz#726973

Wed Jul 27 14:00:00 2011 Uri Lublin - 0.8.2-2
- On migration, do not read command rings before RED_WORKER_MESSAGE_START
Resolves: rhbz#718713

Fri Jul 22 14:00:00 2011 Uri Lublin - 0.8.2-1
- Rebase to upstream 0.8.2, including
+ sasl support (fdo bz 34795)
+ support guest async io
+ support guest suspend and hibernate
+ add symbol versioning to libspice-server.so
+ prevent running an old spice-server with a newer qemu
+ Bug fixes (RHBZ): 714801, 713474, 674532, 653545
+ BuildRequires spice-protocol >= 0.8.1 and cyrus-sasl-devel
Resolves: #723676

Mon Jun 27 14:00:00 2011 Uri Lublin - 0.8.1-2
- Remove Obsolete lines (added in 0.7.2-3)
Resolves: #707119

Sun Jun 5 14:00:00 2011 Uri Lublin - 0.8.1-1
- Rebase to upstream 0.8.1, including
+ Make copy/paste support configurable
+ Some server/vdagent bugs fixed
Resolves: #710200

Mon Mar 7 13:00:00 2011 Uri Lublin - 0.8.0-1
- Rebase to upstream 0.8.0
+ Includes \"Fix segfault on migration\" patch
+ Some spice-client bug fixes.
Resolves: #672035

Mon Feb 21 13:00:00 2011 Uri Lublin - 0.7.3-2
- Fix segfault on migration
Resolves: #674451

Thu Feb 17 13:00:00 2011 Uri Lublin - 0.7.3-1
- Rebase to upstream 0.7.3:
+ Mostly smart-card updates:
- including all the changes in 0.7.2.4
+ Some gcc warning cleanups.
- Fix permissions of spice-server.pc
Resolves: #672035

Fri Feb 4 13:00:00 2011 Uri Lublin - 0.7.2-4
- smartcard -- libcacard 0.1.2 updates:
- server
- use network byte order when talking to device.
- both
- no more reader_id_t, uint32_t instead
- no more ReaderAddResponse, use VSC_Error with
code==VSC_SUCCESS instead.
- change an assert to a red_printf(\"error:..\")
if got an unexpectedly undefined reader id.
- client (not part of this package)
- track number of expected reader insertions
Resolves: #674937

Fri Feb 4 13:00:00 2011 Uri Lublin - 0.7.2-3
- Obsolete old packages that are not needed now
Resolves: #674171

Mon Jan 24 13:00:00 2011 Uri Lublin - 0.7.2-2
- Rebase to spice upstream release 0.7.2
- Drop all patches (all upstreamed)
- Enable smartcard (CAC) support
Resolves: #672035

Fri Jul 30 14:00:00 2010 Uri Lublin - 0.4.2-15
- Fix unsafe accesses
+ fix unsafe guest data accessing.
+ fix unsafe free() call.
+ fix unsafe cursor items handling.
+ add missing overflow check.
Resolves: #568811

Wed Jun 30 14:00:00 2010 Uri Lublin - 0.4.2-14
- make opengl optional - add a missing patch
ifdef out some opengl calls.
Resolves: #482556

Wed Jun 30 14:00:00 2010 Uri Lublin - 0.4.2-13
- remove Requires and BuildRequires mesa-libGLU-devel
+ open-gl is now disabled.
- bumped release to -13 due to tag issue
Related: #482556

Wed Jun 30 14:00:00 2010 Uri Lublin - 0.4.2-11
- make opengl optional, disabled by default (2 patches)
Resolves: #482556

Thu Apr 22 14:00:00 2010 Uri Lublin - 0.4.2-10
- spice: server: new-api (4 more patches)
+ streaming-video, agent-mouse, playback-compression.
Related: #571286

Sun Apr 4 14:00:00 2010 Uri Lublin - 0.4.2-9
- generate auto
* generated files (e.g. Makefile.in)
Resolves: #579329

Tue Mar 23 13:00:00 2010 Uri Lublin - 0.4.2-8
- spice server: renaming library and includedir
Resolves: #573349

Tue Mar 23 13:00:00 2010 Uri Lublin - 0.4.2-7
- fix wrong access to ring item
Resolves: #575556

Tue Mar 23 13:00:00 2010 Uri Lublin - 0.4.2-6
- more permissive video identification
Resolves: #575576

Tue Mar 23 13:00:00 2010 Uri Lublin - 0.4.2-5
- new migration process
Resolves: #576029

Wed Mar 17 13:00:00 2010 Uri Lublin - 0.4.2-4
- spice: server: new-api (2 more patches)
Related: #571286

Mon Mar 8 13:00:00 2010 Uri Lublin - 0.4.2-3
- Use default configure macro (remove _prefix and _libdir)
Related: #543948

Sun Mar 7 13:00:00 2010 Uri Lublin - 0.4.2-2
- spice: server: new-api (10 patches)
Related: #571286

Sun Mar 7 13:00:00 2010 Uri Lublin - 0.4.2-1
- spice: server: avoid video streaming of small images
Resolves: #571283

Sun Jan 11 13:00:00 2009 Uri Lublin - 0.4.2-0
- first spec for 0.4.2
Related: #549807


  
ICM