| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libspice-server-devel | Distribution: openSUSE Leap 15.2 |
| Version: 0.14.2 | Vendor: openSUSE |
| Release: lp152.2.3.1 | Build date: Wed Oct 28 23:34:17 2020 |
| Group: Development/Languages/C and C++ | Build host: obs-power8-02 |
| Size: 36876 | Source RPM: spice-0.14.2-lp152.2.3.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://www.spice-space.org/ | |
| Summary: Development files for building SPICE-server | |
Development files for building SPICE-server. The SPICE server is used to expose a remote machine's display and devices.
LGPL-2.1-or-later OR GPL-2.0-or-later
* Mon Oct 05 2020 Bruce Rogers <brogers@suse.com>
- Fix buffer overflow vulnerabilities in QUIC image decoding
(CVE-2020-14355 bsc#1177158)
0001-quic-Check-we-have-some-data-to-start-decoding-quic-.patch
0002-quic-Check-image-size-in-quic_decode_begin.patch
0003-quic-Check-RLE-lengths.patch
0004-quic-Avoid-possible-buffer-overflow-in-find_bucket.patch
* Thu May 16 2019 Bruce Rogers <brogers@suse.com>
- Update to v0.14.2 stable release
The main changes are support for Meson build and graphic device
info messages allowing to better support multi-monitor
configurations.
* support H265 in stream-channel
* add support for building with meson/ninja
* minor tests fixes improving CI
* set char device state for smartcard, allowing Qemu optimization
* improve red-parse-qxl.c interface making it more consistent
* add some instrumentation for streaming device
* QXL interface: add a function to identify monitors in the guest
(spice_qxl_set_device_info)
* add support for GraphicsDeviceInfo messages
* video-stream: prevent crash on stream reattach
* make channel client callbacks virtual functions
* bumped minimum required glib version to 2.38
* attempt to have a reliable led state for keyboard modifiers
- Removed patches:
(The first two are altered versions of what is carried upstream.
I think we're fine with what upstream does here)
0001-lz-Avoid-buffer-reading-overflow-checking-for-image-.patch
0002-lz-More-checks-on-image-sizes.patch
0001-memslot-Fix-off-by-one-error-in-group-slot-boundary-.patch
* Fri Mar 01 2019 olaf@aepfle.de
- Use plain python2 for SLE12 builds
- Remove PYTHON=python3, configure will find and use the python3
* Mon Jan 28 2019 Bruce Rogers <brogers@suse.com>
- Fix OOB memory access in internal tracking of slot_ids and
group_ids. (CVE-2019-3813 bsc#1122706)
* 0001-memslot-Fix-off-by-one-error-in-group-slot-boundary-.patch
- Remove celt051 Requires directive
* Wed Sep 19 2018 astieger@suse.com
- Upstream disabled support for the celt051 audio codec by default,
do likewise in the spec
- Note updated 0.14.1 build dependencies in the spec:
* OpenSSL 1.0.0 or newer is now required
* glib 2.32 required
- add upstream signing key and verify source signature
* Wed Sep 19 2018 Bruce Rogers <brogers@suse.com>
- Update to v0.14.1 stable release
The announcement email describes this release as follows:
The main change in this release is the addition of a new protocol
extension in order to support streaming the remote display as a
video stream rather than going through the QXL protocol. Together
with spice-streaming-agent, and/or with more work on the qemu/
spice-server side, this should allow streaming of 3D accelerated
VMs in the future. At this point, this part of spice-server is
still a work in progress (multi-monitor support and various
features are missing).
* avoid performance issues on Windows 10 KVM guests (boo#1109044)
* add new org.spice-space.stream.0 channel used for passing an
encoded video stream from the guest to the client
* add support for TCP_CORK to reduce the amount of packets that
we send
* fix CVE-2018-10873 (maintainer note: we already carried fix)
* fix cursor related migration crash
* fix regression causing sound recording to be muted after client
disconnection/reconnection (introduced in 0.13.90)
* fix regression in corner cases where images could be sent
uncompressed when they used to be compressed with QUIC
* disable TLS 1.0 support
* CELT 0.5.1 support is now disabled by default. If celt051-devel
is installed at build-time, --enable-celt051/--disable-celt051
must be explicitly specified
* drop support for unsupported OpenSSL version. OpenSSL 1.0.0 or
newer is now required
* bumped minimum required glib version to 2.32
* endianness fixes
* (small) leak fixes
* usual round of code cleanups
* not directly related to this release, but the upstream git
repository is now hosted on gitlab.freedesktop.org
- Removed patches:
bb15d481-Fix-flexible-array-buffer-overflow.patch
* Mon Aug 20 2018 cbosdonnat@suse.com
- Fix potential heap corruption when demarshalling (CVE-2018-10873,
bsc#1104448)
Added patch:
bb15d481-Fix-flexible-array-buffer-overflow.patch
* Mon Jul 16 2018 cbosdonnat@suse.com
- Avoid buffer overflow on image lz cheks (CVE-2018-10893, bsc#1101295)
Added patches:
0001-lz-Avoid-buffer-reading-overflow-checking-for-image-.patch
0002-lz-More-checks-on-image-sizes.patch
* Tue Jan 30 2018 jengelh@inai.de
- Correct RPM group for shared library.
* Tue Jan 30 2018 tchvatal@suse.com
- Split the sle condition again for exact features to allow their
override
* Thu Jan 18 2018 tchvatal@suse.com
- Enable smartcards on sle15 as the supportlib is available
* Condition it using name everywhere instead of suse versions
and join together with lz4
- Format with spec-cleaner
- Convert dependencies to pkgconfig style
- Install documentation and license file
- Add configure arguments to most of the options to not rely on
autotools automatic behavior
* Also enable gstreamer and lz4 options
- Drop the not needed python dependencies, they are needed only
when building from git snapshot
* Thu Oct 26 2017 cbosdonnat@suse.com
- Release 0.14.0
* fix client mouse with virgl
* fix frozen display after seamless migration
* set human-readable name on spice threads
* add sanity-checks for ORC library as it can abort spice-server
when selinux is in use
* Close TCP connection early when client did not send the correct
SPICE magic bytes: this allows VNC clients to gracefully fail
when connecting to a SPICE port
* Add VP9 encoding support when GStreamer is being used and misc
streaming/encoding improvements
* Improvements to replay utility
* Limit (deprecated/unusud) QXLMessage size to 100,000 characters
for improved safety
* Improve image quality in low bitrate situation when using the
GStreamer backend
* Added GStreamer support to the video streaming code
* Fix old migration bug causing migration to never end in some cases
* Added lz4 compression to the spicevmc channel
* Ongoing code cleanups
* add spice_qxl_gl_scanout() spice_qxl_gl_draw_async() for local
virgl support
* spice_server_set_keepalive_timeout() has been removed in favour of
unconditionally sending keepalive probes every 10 minutes
* Added public spice_server_set_keepalive_timeout() to make it possible
to tweak keepalive on all SPICE connection. This can prevent unwanted
idle disconnections if proxies are used between the client and the host.
* Fix important memory usage when the webdav channel is used
* Do not disconnect when the client requests an unsupported compression type
* Fix potential race condition when using multiple QXL devices
* Fix display glitch when using XSpice
* Improve help string for 'replay -s'
* Fix small leak in MJPEG code
- Removed patches:
* CVE-2016-9577-buffer-overflow-in-main_channel_alloc_msg_rcv_buf.patch
* CVE-2016-9578-remote-dos-via-crafted-message.patch
* Thu Feb 02 2017 psimons@suse.com
- Added patches to fix two security vulnerabilities.
* CVE-2016-9577-buffer-overflow-in-main_channel_alloc_msg_rcv_buf.patch
[CVE-2016-9577, bsc#1023078]
* CVE-2016-9578-remote-dos-via-crafted-message.patch
[CVE-2016-9578, bsc#1023079]
* Thu Feb 02 2017 cbosdonnat@suse.com
- Synchronize with SLES (fate#322402):
+ bnc#894069: disable smartcard support for SLES
+ merge changelog
* Thu Dec 22 2016 astieger@suse.com
- restrict suppression of obsoletes-not-provided warning to
spice-client bsc#1013916
* Tue Dec 13 2016 cbosdonnat@suse.com
- Obsolete spice-client (bsc#1013916)
* Thu Nov 10 2016 msuchanek@suse.com
- remove ExclusiveArch (boo#1009438)
* Sat Oct 08 2016 zaitor@opensuse.org
- Update to version 0.12.8:
+ Fixes for bsc#982385 / CVE-2016-0749 and bsc#982386 / CVE-2016-2150.
* Fri Apr 15 2016 cbosdonnat@suse.com
- Update to version 0.12.7 (fate#320079)
+ spice-server will now send TCP keepalive probes on the TCP connections it
uses. This can prevent unwanted idle disconnections if proxies are used
between the client and the host.
+ Fix important memory usage when the webdav channel is used
+ Do not disconnect when the client requests an unsupported compression type
+ Fix a few race conditions
+ Fix display glitch when using XSpice
+ Improve help string for 'replay -s'
+ Fix crashes in corner cases (buggy spice-html5 + win10, vnc + SPICE port
configured, USB webcam redirection over a slow link)
+ Fix various compilation warning when building on 32 bit machines
+ Some fixes for big-endian machines, more work is likely to be needed
+ Do not build static libraries by default, this can be reenabled with --enable-static
+ Fix small leak in MJPEG code
* Tue Oct 06 2015 cbosdonnat@suse.com
- Update to version 0.12.6
+ Removed spicec client code, it has been superseded by remote-viewer
and other spice-gtk based clients
+ Unix socket support
+ LZ4 support
+ Let clients specify their preferred image compression format
+ Allow to record and replay a spice-server session
+ Fixes for CVE-2015-3247 CVE-2015-5260 and CVE-2015-5261
bsc#944787, bsc#948976
+ spice-protocol submodule has been removed, spice-protocol must
now be installed when building spice-server
+ Remove write polling in chardevs to reduce wakeups
- Remove upstream merged patches:
+ spice-Don-t-use-48kHz-for-playback-recording-rates.patch
+ password-length-check.patch
+ cve-2015-3247.patch
* Mon Sep 07 2015 cbosdonnat@suse.com
- bsc#944460: fix CVE-2015-3247.
cve-2015-3247.patch
* Fri Jun 05 2015 cbosdonnat@suse.com
- Don't allow setting password longer than what the spice protocol
allows. password-length-check.patch. boo#931044
* Sun Oct 19 2014 crrodriguez@opensuse.org
- Replace xorg-x11-devel buildrequire by selected pkgconfig(xlibs..)
* Wed Oct 15 2014 zaitor@opensuse.org
- Update to version 0.12.5:
+ Added Opus support. Celt support will be obsoleted in a future
release.
+ Addition of webdav channel.
+ Force use of TLS 1.0 or newer for TLS connections.
+ Reference manual.
+ Some optimizations improving CPU use.
+ Various bug fixes for race conditions, memory corruption, which
could be triggered on client disconnections, migration, and
cause spice-server to misbehave.
+ Portability fixes.
+ Code cleanups.
+ bsc#848279: fix CVE-2013-4282.
- Add pkconfig(opus) BuildRequires: Needed to build new opus
support.
- Add spice-Don-t-use-48kHz-for-playback-recording-rates.patch:
Fix advertised sound playback/recording rates in public headers
(rh#1129961).
- Drop spice-glibc217.patch: No longer needed.
- Run spec-clean on spec file, remove conditionals for obsolete
versions of openSUSE, enable parallel build and drop obsolete
clean section.
/usr/include/spice-server /usr/include/spice-server/spice-audio.h /usr/include/spice-server/spice-char.h /usr/include/spice-server/spice-core.h /usr/include/spice-server/spice-experimental.h /usr/include/spice-server/spice-input.h /usr/include/spice-server/spice-migration.h /usr/include/spice-server/spice-qxl.h /usr/include/spice-server/spice-replay.h /usr/include/spice-server/spice-server.h /usr/include/spice-server/spice-version.h /usr/include/spice-server/spice.h /usr/lib64/libspice-server.so /usr/lib64/pkgconfig/spice-server.pc
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 9 13:01:01 2024