Skip to content

CentOS 7 - Updates for x86_64: system environment/libraries: spice-server

spice-server - Implements the server side of the SPICE protocol

Website: http://www.spice-space.org/
License: LGPLv2+
Vendor: CentOS
Description:
The Simple Protocol for Independent Computing Environments (SPICE) is
a remote display system built for virtual environments which allows
you to view a computing 'desktop' environment not only on the machine
where it is running, but from anywhere on the Internet and from a wide
variety of machine architectures.

This package contains the run-time libraries for any application that wishes
to be a SPICE server.

Packages

spice-server-0.14.0-9.el7_9.1.x86_64 [404 KiB] Changelog by Frediano Ziglio (2020-09-02):
- Fix multiple buffer overflows in QUIC decoding code
  Resolves: CVE-2020-14355
spice-server-0.14.0-9.el7.x86_64 [403 KiB] Changelog by Frediano Ziglio (2019-12-04):
- Always enable latency monitor to keep tcp connection alive
  Resolves: rhbz#1719736
spice-server-0.14.0-7.el7.x86_64 [403 KiB] Changelog by Christophe Fergeau (2018-12-18):
- Fix off-by-one error during guest-to-host memory address conversion
  Resolves: CVE-2019-3813
- Add patch for upstream commit 48179332d9da0. This should help with corrupted
  spice-html5 displays
  Resolves: rhbz#1573739
- Add missing minimum openssl version Requires for patch #24
  Resolves: rhbz#1627693
spice-server-0.14.0-6.el7_6.1.x86_64 [402 KiB] Changelog by Christophe Fergeau (2019-01-24):
- Fix off-by-one error during guest-to-host memory address conversion
  Resolves: CVE-2019-3813
spice-server-0.14.0-6.el7.x86_64 [402 KiB] Changelog by Frediano Ziglio (2018-08-09):
- Fix flexible array buffer overflow
  Resolves: rhbz#1596008
spice-server-0.14.0-2.el7_5.5.x86_64 [402 KiB] Changelog by Frediano Ziglio (2018-08-09):
- Fix flexible array buffer overflow
  Resolves: rhbz#1596008
spice-server-0.14.0-2.el7_5.4.x86_64 [401 KiB] Changelog by Victor Toso (2018-06-12):
- Don't mute Record channel on client reconnection
  Resolves: rhbz#1582601
spice-server-0.14.0-2.el7_5.3.x86_64 [401 KiB] Changelog by Christophe Fergeau (2018-04-27):
- Revert back to spice 0.12 behaviour where QXL guest resources for cursor
  commands are only released when the current cursor is replaced. This avoids
  a QEMU regression causing crashes during migration
  Resolves: rhbz#1572489
spice-server-0.14.0-2.el7.x86_64 [401 KiB] Changelog by Christophe Fergeau (2017-10-12):
- Add streaming patches for use with spice-streaming-agent
  Related: rhbz#1478356
spice-server-0.12.8-2.el7.1.x86_64 [397 KiB] Changelog by Christophe Fergeau (2017-07-05):
- Redo build properly versioned as a zstream build
  Related: CVE-2017-7506
spice-server-0.12.8-2.el7.x86_64 [397 KiB] Changelog by Christophe Fergeau (2017-04-25):
- Drop clients immediatly if the magic they send is wrong
  Resolves: rhbz#1416692
spice-server-0.12.4-20.el7_3.x86_64 [382 KiB] Changelog by Frediano Ziglio (2016-12-09):
- Fix buffer overflow in main_channel_alloc_msg_rcv_buf when reading large
  messages.
  Resolves: CVE-2016-9577
- Fix remote DoS via crafted message.
  Resolves: CVE-2016-9578
spice-server-0.12.4-19.el7.x86_64 [381 KiB] Changelog by Christophe Fergeau (2016-09-09):
- Ensure SPICE_MIGRATE_COMPLETED is sent in all cases when it's needed.
  Resolves: rhbz#1352836
spice-server-0.12.4-15.el7_2.2.x86_64 [380 KiB] Changelog by Christophe Fergeau (2016-08-05):
- Fix thread-safety issue causing a crash when playing a Youtube video spanning
  multiple monitors
  Resolves: rhbz#1253375
spice-server-0.12.4-15.el7_2.1.x86_64 [380 KiB] Changelog by Christophe Fergeau (2016-04-25):
- Fix heap-based memory corruption within smartcard handling
  Resolves: CVE-2016-0749
- Fix host memory access from guest with invalid primary surface parameters
  Resolves: CVE-2016-2150
spice-server-0.12.4-15.el7.x86_64 [380 KiB] Changelog by Frediano Ziglio (2015-09-23):
- CVE-2015-5260 CVE-2015-5261 fixed various security flaws
  Resolves: rhbz#1267134
spice-server-0.12.4-9.el7_1.3.x86_64 [379 KiB] Changelog by Frediano Ziglio (2015-09-23):
- CVE-2015-5260 CVE-2015-5261 fixed various security flaws
  Resolves: rhbz#1262771
spice-server-0.12.4-9.el7_1.1.x86_64 [378 KiB] Changelog by Christophe Fergeau (2015-07-21):
- Avoid race conditions reading monitor configs from guest. This race could
  trigger memory corruption host-side
  Resolves: rhbz#1239127

Listing created by repoview