openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

File spice.changes of Package spice

-------------------------------------------------------------------
Mon Jan 28 17:48:19 UTC 2019 - Bruce Rogers <brogers@suse.com>

- Fix OOB memory access in internal tracking of slot_ids and
  group_ids. (CVE-2019-3813 bsc#1122706)
  * 0001-memslot-Fix-off-by-one-error-in-group-slot-boundary-.patch

-------------------------------------------------------------------
Mon Aug 20 10:05:54 UTC 2018 - cbosdonnat@suse.com

- Fix potential heap corruption when demarshalling (CVE-2018-10873,
  bsc#1104448)
  Added patch:
    bb15d481-Fix-flexible-array-buffer-overflow.patch

-------------------------------------------------------------------
Mon Jul 16 09:36:31 UTC 2018 - cbosdonnat@suse.com

- Avoid buffer overflow on image lz cheks (CVE-2018-10893, bsc#1101295)
  Added patches:
    0001-lz-Avoid-buffer-reading-overflow-checking-for-image-.patch
    0002-lz-More-checks-on-image-sizes.patch

-------------------------------------------------------------------
Fri Jun 30 09:59:26 UTC 2017 - cbosdonnat@suse.com

- Fix possible buffer overflow via invalid monitor configurations
  CVE-2017-7506.patch
  [CVE-2017-7506, bsc#1046779]

-------------------------------------------------------------------
Thu Feb  2 11:23:03 UTC 2017 - psimons@suse.com

- Added patches to fix two security vulnerabilities. 
  * CVE-2016-9577-buffer-overflow-in-main_channel_alloc_msg_rcv_buf.patch
    [CVE-2016-9577, bsc#1023078]
  * CVE-2016-9578-remote-dos-via-crafted-message.patch
    [CVE-2016-9578, bsc#1023079]

-------------------------------------------------------------------
Thu Jun  2 12:28:31 UTC 2016 - cbosdonnat@suse.com

- Fixes for bsc#982385 / CVE-2016-0749 and bsc#982386 / CVE-2016-2150
  CVE-2016-0749-smartcard-add-a-ref-to-item-before-adding-to-pipe.patch
  CVE-2016-0749-smartcard-allocate-msg-with-the-expected-size.patch
  CVE-2016-2150-create-a-function-to-validate-surface-parameters.patch
  CVE-2016-2150-improve-primary-surface-parameter-checks.patch

-------------------------------------------------------------------
Tue Oct  6 12:45:43 UTC 2015 - cbosdonnat@suse.com

- Fix for CVE-2015-5260 and CVE-2015-5261.
  bsc#944787, bsc#948976
  Added patches:
    0001-Validate-surface-bounding-box-before-using-it.patch
    0001-worker-validate-correctly-surfaces.patch
    0002-worker-avoid-double-free-or-double-create-of-surface.patch
    0003-Define-a-constant-to-limit-data-from-guest.patch
    0004-Fix-some-integer-overflow-causing-large-memory-alloc.patch
    0005-Check-properly-surface-to-be-created.patch
    0006-Fix-buffer-reading-overflow.patch
    0007-Prevent-32-bit-integer-overflow-in-bitmap_consistent.patch
    0008-Fix-race-condition-on-red_get_clip_rects.patch
    0009-Fix-race-in-red_get_image.patch
    0010-Fix-race-condition-in-red_get_string.patch
    0011-Fix-integer-overflow-computing-glyph_size-in-red_get.patch
    0012-Fix-race-condition-in-red_get_data_chunks_ptr.patch
    0013-Prevent-memory-leak-if-red_get_data_chunks_ptr-fails.patch
    0014-Prevent-DoS-from-guest-trying-to-allocate-too-much-d.patch
    0015-Fix-some-possible-overflows-in-red_get_string-for-32.patch
    0016-Make-sure-we-can-read-QXLPathSeg-structures.patch
    0017-Avoid-race-condition-copying-segments-in-red_get_pat.patch
    0018-Prevent-data_size-to-be-set-independently-from-data.patch
    0019-Prevent-leak-if-size-from-red_get_data_chunks-don-t-.patch

-------------------------------------------------------------------
Mon Sep  7 14:15:28 UTC 2015 - cbosdonnat@suse.com

- bsc#944460: fix CVE-2015-3247.
  cve-2015-3247.patch

-------------------------------------------------------------------
Wed Apr  1 12:28:30 UTC 2015 - cbosdonnat@suse.com

- bsc#848279: fix CVE-2013-4282.
  8af61900-cve-2013-4282-fix.patch

-------------------------------------------------------------------
Tue Sep  2 16:35:26 UTC 2014 - cbosdonnat@suse.com

- bnc#894069: disable smartcard support

-------------------------------------------------------------------
Mon Jul 29 08:11:33 UTC 2013 - aevseev@gmail.com

- Update to version 0.12.4:
  + log actual address spice-server binds to
  + main_channel: fix double release of migration target data (rhbz#859027)
  + red_channel: replace an assert upon threads mismatch with a warning (rhbz#823472)
  + support for filtering out agent file-xfer msgs (rhbz#961848)
  ++ new library export spice_server_set_agent_file_xfer
  + mjpeg encoder statistics (mjpeg_encoder_get_stats)
  + improve stream stats readability and ease of parsing
  + fix for stuck display_channel over WAN (jpeg_enabled=true) (rhbz#977998)
  + Use RING_FOREACH_SAFE and other SAFE macros (rhbz#887775)
  + Some server/tests fixes.
- New features from 0.12.3:
  + monitor client bandwidth and latency.
  + dynamically adjust video stream quality based on client bandwidth & latency.
  ++ new SPICE_MSGC_DISPLAY_STREAM_REPORT
  ++ can also set SPICE_BIT_RATE environment variable to override.
  + support arbitrary latency of audio stream wrt video stream:
  ++ new SPICE_MSG_PLAYBACK_LATENCY
  + notify agent on client disconnection
  ++ new VD_AGENT_CLIENT_DISCONNECTED message
  + better support for switching from qxl to vga mode
  ++ new library export spice_qxl_driver_unload
  + multiple monitor support in single channel fixes.
  + stop streams before migration.
  + don't send empty volume messages.
  + Bugs fixed: rhbz#891326, rhbz#958276, rhbz#956345
  + fixes to inputs, chardev, build fixes.
-------------------------------------------------------------------
Wed May 15 17:21:42 UTC 2013 - dimstar@opensuse.org

- Update to version 0.12.2:
  + Skipped 0.12.1, it existed in git but was never released.
  + spice-server now requires glib2 (like qemu does).
  + More robust ssl error and certificate handling.
  + Added support for websockets.
  + Tons of seamless migration bugfixes.
  + Also some none seamless migration bugfixes.
- Clean spec file using spec-cleaner.
- Rebase spice-glibc217.patch.
- Add pkgconfig(glib-2.0) BuildRequires: new dependency.
- Pass --enable-client and --enable-smartcard to configure in
  order to ensure the client and smartcard support are built (SC
  only on openSUSE >= 12.2).

-------------------------------------------------------------------
Thu Nov 22 17:11:27 UTC 2012 - afaerber@suse.de

- Update to version 0.12.0
* support setting client monitor configuration via device
 QXLInterface::client_monitors_config
* support notifying guest of client capabilities
 QXLInterface::set_client_capabilities
* new capability for A8 Surface support
* Enable build on armv6+
* Option to quit server after first client disconnects
 spice_server_set_exit_on_disconnect
* Support seamless migration: no loss of in transit messages. Still not
  supported for agent, smartcard and usb.
* Support a new rendering message, Composite, for much improved linux guest
  performance.
* Support arbitrary resolution & multiple monitors on a single display channel.
* Improved keyboard handling under network latency with new
  SPICE_MSGC_INPUTS_KEY_SCANCODE message.
* New libspice-server.so symbols:
 spice_server_set_seamless_migration
 spice_server_vm_stop
 spice_server_vm_start
 spice_qxl_monitors_config_async
* New capabilities:
 SPICE_DISPLAY_CAP_COMPOSITE
 SPICE_DISPLAY_CAP_MONITORS_CONFIG
 SPICE_INPUTS_CAP_KEY_SCANCODE
 SPICE_MAIN_CAP_AGENT_CONNECTED_TOKENS
 SPICE_MAIN_CAP_SEAMLESS_MIGRATE
* Misc:
 * char_device.c: Introducing shared flow control code for char devices
 * Enable build without client, cegui and slirp.
* New spice protocol messages: (changes in spice-protocol, here for reference)
 * SPICE_MSG_MAIN_NAME, SPICE_MSG_MAIN_UUID
 * SPICE_MSG_DISPLAY_STREAM_DATA_SIZED
* New corresponding caps: (changes in spice-protocol, here for reference)
 * SPICE_MAIN_CAP_NAME_AND_UUID
 * SPICE_DISPLAY_CAP_SIZED_STREAM.
* Send name & uuid to capable clients
* add support for frames of different sizes RHBZ #813826
* server:
 * support a pre-opened file descriptor
 * Solaris support. Now using poll instead of epoll.
 * Support IPV6 addresses in channel events RHBZ #788444
 * other fixed RHBZ#: 787669, 787678, 819484
* spicec
 * alsa: use "default" instead of "hw:0,0"
 * volume keys support RHBZ #552539
 * other fixed RHBZ#: 78655, 804561, 641828
* solaris, mingw & windows, 32 bit fixes.
* enable server only build.
* GNULIB manywarnings.m4 & warnings.m4 module added.
* Many more bug fixes & code cleanups.
* spice-protocol no longer external.
* new server functions:
 + spice_server_set_name
 + spice_server_set_uuid
 + spice_server_set_listen_socket_fd
 + spice_server_is_server_mouse
- Drop spice-gcc47.patch
- Update spice-glibc217.patch (file moved)

-------------------------------------------------------------------
Sat Nov 17 08:05:49 UTC 2012 - aj@suse.de

- Fix build with glibc 2.17 (add patch spice-glibc217.patch).

-------------------------------------------------------------------
Mon Apr  2 18:55:00 UTC 2012 - dimstar@opensuse.org

- Add spice-gcc47.patch: Fix build with gcc 4.7. Most of this used
  to be in spice-signed-comparison.patch which got dropped with
  latest update.

-------------------------------------------------------------------
Sun Apr  1 14:57:13 UTC 2012 - zaitor@opensuse.org

- Update to version 0.10.1:
  + Mini header support.
  + Add server API for injecting a client connection socket.
  + Add Xinerama support to spicec.
  + Many bugfixes / code cleanups.
  + Requires spice-protocol >= 0.10.1
- Drop spice-signed-comparison.patch and 
  0001-server-red_parse_qxl.h-License-should-be-LGPLv2-rath.patch
  Fixed upstream.

-------------------------------------------------------------------
Mon Mar 19 21:07:03 UTC 2012 - dimstar@opensuse.org

- Extend spice-signed-comparison.patch: incl. git commit 965a1a.

-------------------------------------------------------------------
Mon Feb 13 10:56:18 UTC 2012 - coolo@suse.com

- patch license to follow spdx.org standard

-------------------------------------------------------------------
Thu Jan  5 13:47:57 UTC 2012 - dvaleev@suse.com

- Only x86 and x86-64 are supported

-------------------------------------------------------------------
Tue Dec 13 20:34:59 UTC 2011 - brogers@suse.com

- Initial package, prepared for inclusion in Factory.

Places

File spice.changes of Package spice

Places