Skip to content

"SLC6X: system environment/libraries: spice-server

spice-server - Implements the server side of the SPICE protocol

Website: http://www.spice-space.org/
License: LGPLv2+
Vendor: Scientific Linux CERN, https://cern.ch/linux
Description:
The Simple Protocol for Independent Computing Environments (SPICE) is
a remote display system built for virtual environments which allows
you to view a computing 'desktop' environment not only on the machine
where it is running, but from anywhere on the Internet and from a wide
variety of machine architectures.

This package contains the runtime libraries for any application that wishes
to be a SPICE server.

Packages

spice-server-0.12.4-16.el6_10.3.x86_64 [346 KiB] Changelog by Christophe Fergeau (2019-01-24):
- Fix off-by-one error during guest-to-host memory address conversion
  Resolves: CVE-2019-3813
spice-server-0.12.4-16.el6_10.2.x86_64 [346 KiB] Changelog by Christophe Fergeau (2018-10-15):
- Prevent potential buffer/integer overflows with invalid MonitorsConfig messages
  sent from an authenticated client
  Resolves: CVE-2017-7506
spice-server-0.12.4-16.el6_10.1.x86_64 [346 KiB] Changelog by Frediano Ziglio (2018-08-10):
- Fix flexible array buffer overflow
  Resolves: rhbz#1596008
spice-server-0.12.4-16.el6.x86_64 [345 KiB] Changelog by Frediano Ziglio (2016-12-09):
- Fix buffer overflow in main_channel_alloc_msg_rcv_buf when reading large
  messages.
  Resolves: CVE-2016-9577
- Fix remote DoS via crafted message.
  Resolves: CVE-2016-9578
spice-server-0.12.4-13.el6_8.2.x86_64 [345 KiB] Changelog by Frediano Ziglio (2016-12-09):
- Fix buffer overflow in main_channel_alloc_msg_rcv_buf when reading large
  messages.
  Resolves: CVE-2016-9577
- Fix remote DoS via crafted message.
  Resolves: CVE-2016-9578
spice-server-0.12.4-13.el6.1.x86_64 [345 KiB] Changelog by Christophe Fergeau (2016-04-26):
- Fix heap-based memory corruption within smartcard handling
  Resolves: CVE-2016-0749
- Fix host memory access from guest with invalid primary surface parameters
  Resolves: CVE-2016-2150
spice-server-0.12.4-13.el6.x86_64 [345 KiB] Changelog by Christophe Fergeau (2016-01-22):
- Fix " qemu-kvm: spicevmc.c:324: spicevmc_red_channel_alloc_msg_rcv_buf:
  Assertion `!state->recv_from_client_buf' failed." assertion during migration
  Resolves: rhbz#1264113
spice-server-0.12.4-12.el6_7.3.x86_64 [345 KiB] Changelog by Frediano Ziglio (2015-09-23):
- CVE-2015-5260 CVE-2015-5261 fixed various security flaws
  Resolves: rhbz#1262769
spice-server-0.12.4-12.el6_7.1.x86_64 [344 KiB] Changelog by Christophe Fergeau (2015-07-21):
- Avoid race conditions reading monitor configs from guest. This race could
  trigger memory corruption host-side
  Resolves: rhbz#1239124
spice-server-0.12.4-12.el6.x86_64 [343 KiB] Changelog by Christophe Fergeau (2015-03-02):
- Fix spicevmc-related crash which could be triggered with older clients
  Resolves: rhbz#1163480
- Fix crash when using VNC + QXL + rhel-6.0.0 machine type
  Resolves: rhbz#1135372
spice-server-0.12.4-11.el6.x86_64 [343 KiB] Changelog by Marc-Andre Lureau (2014-08-07):
- Fix invalid surface clearing
  Resolves: rhbz#1127342
spice-server-0.12.4-6.el6_5.2.x86_64 [343 KiB] Changelog by Jonathon Jongsma (2014-06-02):
- Fix assert in mjpeg streaming code
  Resolves: rhbz#1103827
spice-server-0.12.4-6.el6_5.1.x86_64 [343 KiB] Changelog by Uri Lublin (2013-12-02):
- Monitor whether the client is alive
  Resolves: rhbz#1027244
spice-server-0.12.4-6.el6.x86_64 [342 KiB] Changelog by Christophe Fergeau (2013-10-14):
- Fix bad error handling in the patch for CVE-2013-4282
  Related: rhbz#999839 (CVE-2013-4282)
spice-server-0.12.0-12.el6_4.5.x86_64 [325 KiB] Changelog by Christophe Fergeau (2013-10-14):
- Fix issue with error-handling of RSA_private_decrypt() in previous patch
  Related: CVE-2013-4282
spice-server-0.12.0-12.el6_4.3.x86_64 [325 KiB] Changelog by Jonathon Jongsma (2013-08-28):
- Fixes an abort on unsafe client ring access
  Resolves: rhbz#986298
spice-server-0.12.0-12.el6_4.2.x86_64 [325 KiB] Changelog by Uri Lublin (2013-06-20):
- Fix a crash running a F19 guest -- do not abort on stride > 0
  Resolves: rhbz#973703
spice-server-0.12.0-12.el6_4.1.x86_64 [325 KiB] Changelog by Yonit Halperin (2013-05-09):
- Migration related fixes
  * Destroy video streams before sending MSG_MIGRATE
  * Fix wrong is_low_bandwidth setting after 2 migrations of a session
    that was originally a low bandwidth one.
  Resolves: rhbz#956984
  Resolves: rhbz#961427
spice-server-0.12.0-12.el6.x86_64 [324 KiB] Changelog by Hans de Goede (2013-01-16):
- Fix a crash when rapidly changing monitor configuration
  Resolves: rhbz#868807
spice-server-0.10.1-10.el6.x86_64 [272 KiB] Changelog by Yonit Halperin (2012-05-20):
- Fix crash in video streaming
  Resolves: rhbz#822686
spice-server-0.8.2-5.el6.x86_64 [250 KiB] Changelog by Alon Levy (2011-10-26):
- main dispatcher added
Resolves: rhbz#746950
spice-server-0.8.0-1.el6.x86_64 [239 KiB] Changelog by Uri Lublin (2011-03-07):
- Rebase to upstream 0.8.0
  + Includes "Fix segfault on migration" patch
  + Some spice-client bug fixes.
Resolves: #672035

Listing created by repoview