Name: spice Version: 0.12.4 Release: 9%{?dist}.3 Summary: Implements the SPICE protocol Group: User Interface/Desktops License: LGPLv2+ URL: http://www.spice-space.org/ Source0: http://www.spice-space.org/download/releases/%{name}-%{version}.tar.bz2 Patch1: 0001-red_channel-prevent-adding-and-pushing-pipe-items-af.patch Patch2: 0002-red_channel-add-ref-count-to-RedClient.patch Patch3: 0003-main_dispatcher-add-ref-count-protection-to-RedClien.patch Patch4: 0004-decouple-disconnection-of-the-main-channel-from-clie.patch Patch5: 0005-reds-s-red_client_disconnect-red_channel_client_shut.patch Patch6: 0006-snd_worker-fix-memory-leak-of-PlaybackChannel.patch Patch7: 0007-snd_worker-snd_disconnect_channel-don-t-call-snd_cha.patch Patch8: 0008-log-improve-debug-information-related-to-client-disc.patch Patch9: 0009-red_worker-decrease-the-timeout-when-flushing-comman.patch Patch10: 0010-Fix-buffer-overflow-when-decrypting-client-SPICE-tic.patch Patch11: 0011-server-move-three-functions-to-red_channel.patch Patch12: 0012-server-s-red_wait_all_sent-red_channel_wait_all_sent.patch Patch13: 0013-red_worker-cleanup-red_clear_surface_drawables_from_.patch Patch14: 0014-red_channel-cleanup-of-red_channel_client-blocking-m.patch Patch15: 0015-red_worker-disconnect-the-channel-instead-of-shutdow.patch Patch16: 0016-spice_timer_queue-don-t-call-timers-repeatedly.patch Patch17: 0017-red_channel-add-on_input-callback-for-tracing-incomi.patch Patch18: 0018-red_channel-add-option-to-monitor-whether-a-channel-.patch Patch19: 0019-main_channel-monitoring-client-connection-status.patch Patch20: 0020-Fix-crash-when-clearing-surface-memory.patch Patch21: 0021-Fix-assert-in-mjpeg_encoder_adjust_params_to_bit_rat.patch Patch22: 0022-reds-lookup-corresponding-channel-id.patch Patch23: 0023-dispatcher-lower-a-monitor-config-warning-to-a-debug.patch Patch24: 0024-mjpeg-Don-t-warn-on-unsupported-image-formats.patch Patch25: 0025-server-Don-t-dump-the-bitmap-when-the-format-is-inva.patch Patch26: 0026-Fix-Wunused-parameter.patch Patch27: 0027-Fix-Wunused-value.patch Patch28: 0028-Fix-Wsign.patch Patch29: 0029-Fix-Wswitch.patch Patch30: 0030-Fix-Wformat.patch Patch31: 0031-Fix-Wnonnull.patch Patch32: 0032-Fix-Wmissing-field-initializers.patch Patch33: 0033-Fix-Wunused-function.patch Patch34: 0034-Validate-surface-bounding-box-before-using-it.patch Patch35: 0035-migration-Don-t-assert-if-MIGRATE_DATA-comes-before-.patch Patch36: 0036-server-fix-crash-when-restarting-VM-with-old-client.patch Patch37: 0037-Use-TLS-version-1.0-or-better.patch Patch38: 0038-Avoid-race-conditions-reading-monitor-configs-from-g.patch Patch39: 0039-worker-validate-correctly-surfaces.patch Patch40: 0040-worker-avoid-double-free-or-double-create-of-surface.patch Patch41: 0041-Define-a-constant-to-limit-data-from-guest.patch Patch42: 0042-Fix-some-integer-overflow-causing-large-memory-alloc.patch Patch43: 0043-Check-properly-surface-to-be-created.patch Patch44: 0044-Fix-buffer-reading-overflow.patch Patch45: 0045-Prevent-32-bit-integer-overflow-in-bitmap_consistent.patch Patch46: 0046-Fix-race-condition-on-red_get_clip_rects.patch Patch47: 0047-Fix-race-in-red_get_image.patch Patch48: 0048-Fix-race-condition-in-red_get_string.patch Patch49: 0049-Fix-integer-overflow-computing-glyph_size-in-red_get.patch Patch50: 0050-Fix-race-condition-in-red_get_data_chunks_ptr.patch Patch51: 0051-Prevent-memory-leak-if-red_get_data_chunks_ptr-fails.patch Patch52: 0052-Prevent-DoS-from-guest-trying-to-allocate-too-much-d.patch Patch53: 0053-Fix-some-possible-overflows-in-red_get_string-for-32.patch Patch54: 0054-Make-sure-we-can-read-QXLPathSeg-structures.patch Patch55: 0055-Avoid-race-condition-copying-segments-in-red_get_pat.patch Patch56: 0056-Prevent-data_size-to-be-set-independently-from-data.patch Patch57: 0057-Prevent-leak-if-size-from-red_get_data_chunks-don-t-.patch # https://bugzilla.redhat.com/show_bug.cgi?id=613529 %if 0%{?rhel} ExclusiveArch: x86_64 %else ExclusiveArch: i686 x86_64 armv6l armv7l armv7hl %endif BuildRequires: pkgconfig BuildRequires: glib2-devel >= 2.22 # BuildRequires: spice-protocol >= 0.12.3 -- not needed since spice-0.11.3 BuildRequires: celt051-devel BuildRequires: pixman-devel alsa-lib-devel openssl-devel libjpeg-turbo-devel BuildRequires: libcacard-devel cyrus-sasl-devel BuildRequires: pyparsing %description The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. %package server Summary: Implements the server side of the SPICE protocol Group: System Environment/Libraries Obsoletes: spice-client < %{version}-%{release} %description server The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains the run-time libraries for any application that wishes to be a SPICE server. %package server-devel Summary: Header files, libraries and development documentation for spice-server Group: Development/Libraries Requires: %{name}-server%{?_isa} = %{version}-%{release} Requires: pkgconfig Requires: spice-protocol >= 0.12.3 %description server-devel This package contains the header files, static libraries and development documentation for spice-server. If you like to develop programs using spice-server, you will need to install spice-server-devel. %prep %setup -q %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 %patch8 -p1 %patch9 -p1 %patch10 -p1 %patch11 -p1 %patch12 -p1 %patch13 -p1 %patch14 -p1 %patch15 -p1 %patch16 -p1 %patch17 -p1 %patch18 -p1 %patch19 -p1 %patch20 -p1 %patch21 -p1 %patch22 -p1 %patch23 -p1 %patch24 -p1 %patch25 -p1 %patch26 -p1 %patch27 -p1 %patch28 -p1 %patch29 -p1 %patch30 -p1 %patch31 -p1 %patch32 -p1 %patch33 -p1 %patch34 -p1 %patch35 -p1 %patch36 -p1 %patch37 -p1 %patch38 -p1 %patch39 -p1 %patch40 -p1 %patch41 -p1 %patch42 -p1 %patch43 -p1 %patch44 -p1 %patch45 -p1 %patch46 -p1 %patch47 -p1 %patch48 -p1 %patch49 -p1 %patch50 -p1 %patch51 -p1 %patch52 -p1 %patch53 -p1 %patch54 -p1 %patch55 -p1 %patch56 -p1 %patch57 -p1 %build %define configure_client --disable-client %configure --enable-smartcard %{configure_client} make %{?_smp_mflags} WARN_CFLAGS='' V=1 %install make DESTDIR=%{buildroot} install rm -f %{buildroot}%{_libdir}/libspice-server.a rm -f %{buildroot}%{_libdir}/libspice-server.la mkdir -p %{buildroot}%{_libexecdir} %post server -p /sbin/ldconfig %postun server -p /sbin/ldconfig %files server %doc COPYING README NEWS %{_libdir}/libspice-server.so.1* %files server-devel %{_includedir}/spice-server %{_libdir}/libspice-server.so %{_libdir}/pkgconfig/spice-server.pc %changelog * Wed Sep 23 2015 Frediano Ziglio 0.12.4-9.3 - CVE-2015-5260 CVE-2015-5261 fixed various security flaws Resolves: rhbz#1262771 * Tue Sep 15 2015 Frediano Ziglio 0.12.4-9.2 - Validate surface_id Resolves: rhbz#1262771 * Tue Jul 21 2015 Christophe Fergeau 0.12.4-9.1 - Avoid race conditions reading monitor configs from guest. This race could trigger memory corruption host-side Resolves: rhbz#1239127 * Mon Jan 05 2015 Marc-Andre Lureau 0.12.4-9 - Allow recent TLS/SSL methods, block SSLv2/SSLv3. Resolves: rhbz#1175540 * Tue Oct 21 2014 Christophe Fergeau 0.12.4-8 - Fix defects reported by Coverity Resolves: rhbz#885717 - Validate surface bounding box sent from QXL driver Resolves: rhbz#1052856 - Fix assertion sometimes happening during migration while a client is connected Resolves: rhbz#1035184 - Fix crash when restarting VM with old client Resolves: rhbz#1145919 * Thu Sep 18 2014 Christophe Fergeau 0.12.4-7 - Fix assert in mjpeg_encoder_adjust_params_to_bit_rate() Resolves: rhbz#1086823 - Fix "Spice-ERROR **: reds.c:1464:reds_send_link_ack: assertion `link->link_mess->channel_type == SPICE_CHANNEL_MAIN' failed" assertion Resolves: rhbz#1058625 - Lower a monitor-config warning to debug level Resolves: rhbz#1119220 - mjpeg: Don't warn on unsupported image formats Resolves: rhbz#1070028 * Thu Aug 07 2014 Marc-Andre Lureau 0.12.4-6 - Fix invalid surface clearing Resolves: rhbz#1029646 * Wed Jan 29 2014 Christophe Fergeau 0.12.4-5 - Fix qemu crash during migration with reboot Resolves: rhbz#1016795 - Monitor whether the client is alive Resolves: rhbz#1016790 * Tue Oct 15 2013 Christophe Fergeau 0.12.4-3 - Fix spice-server crash when client sends a password which is too long Resolves: CVE-2013-4282 * Fri Sep 13 2013 Christophe Fergeau 0.12.4-2 - Add upstream patch fixing rhbz#995041 * Fri Aug 2 2013 Hans de Goede - 0.12.4-1 - Add patches from upstream git to fix sound-channel-free crash (rhbz#986407) - Add Obsoletes for dropped spice-client sub-package * Mon Jul 22 2013 Yonit Halperin 0.12.4-1 - New upstream release 0.12.4 - Require libjpeg-turbo-devel instead of libjpeg-devel - Remove "BuildRequires: spice-protocol" from spice-server - Add "Requires: spice-protocol" to spice-server-devel. * Thu May 23 2013 Christophe Fergeau 0.12.3-2 - Stop building spicec, it's obsolete and superseded by remote-viewer (part of virt-viewer) * Tue May 21 2013 Christophe Fergeau 0.12.3-1 - New upstream release 0.12.3 - Drop all patches (they were all upstreamed) * Mon Apr 15 2013 Hans de Goede - 0.12.2-4 - Add fix from upstream for a crash when the guest uses RGBA (rhbz#952242) * Thu Mar 07 2013 Adam Jackson 0.12.2-4 - Rebuild for new libsasl2 soname in F19 * Mon Jan 21 2013 Hans de Goede - 0.12.2-3 - Add a number of misc. bug-fixes from upstream * Fri Dec 21 2012 Adam Tkac - 0.12.2-2 - rebuild against new libjpeg * Thu Dec 20 2012 Hans de Goede - 0.12.2-1 - New upstream release 0.12.2 * Fri Sep 28 2012 Hans de Goede - 0.12.0-1 - New upstream release 0.12.0 - Some minor spec file cleanups - Enable building on arm * Thu Sep 6 2012 Soren Sandmann - 0.11.3-1 - BuildRequire pyparsing * Thu Sep 6 2012 Soren Sandmann - 0.11.3-1 - Add capability patches - Add capability patches to the included copy of spice-protocol Please see the comment above Patch6 and Patch7 regarding this situation. * Thu Sep 6 2012 Soren Sandmann - 0.11.3-1 - Update to 0.11.3 and drop upstreamed patches - BuildRequire spice-protocol 0.12.1 * Sat Jul 21 2012 Fedora Release Engineering - 0.10.1-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon May 14 2012 Alon Levy - Fix mjpeg memory leak and bad behavior. - Add usbredir to list of channels for security purposes. (#819484) * Sun May 13 2012 Alon Levy - Add double free fix. (#808936) * Tue Apr 24 2012 Alon Levy - Add 32 bit fixes from git master. (#815717) * Tue Feb 28 2012 Fedora Release Engineering - 0.10.1-2 - Rebuilt for c++ ABI breakage * Mon Jan 23 2012 Hans de Goede - 0.10.1-1 - New upstream release 0.10.1 * Sat Jan 14 2012 Fedora Release Engineering - 0.10.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Thu Nov 10 2011 Alon Levy - 0.10.0-1 - New upstream release 0.10.0 - support spice-server.i686 * Wed Sep 28 2011 Marc-André Lureau - 0.9.1-2 - Provides spice-xpi-client alternative in spice-client * Thu Aug 25 2011 Hans de Goede - 0.9.1-1 - New upstream release 0.9.1 * Mon Jul 25 2011 Marc-André Lureau - 0.9.0-1 - New upstream release 0.9.0 * Wed Apr 20 2011 Hans de Goede - 0.8.1-1 - New upstream release 0.8.1 * Fri Mar 11 2011 Hans de Goede - 0.8.0-2 - Fix being unable to send ctrl+alt+key when release mouse is bound to ctrl+alt (which can happen when used from RHEV-M) * Tue Mar 1 2011 Hans de Goede - 0.8.0-1 - New upstream release 0.8.0 * Fri Feb 11 2011 Hans de Goede - 0.7.3-1 - New upstream release 0.7.3 * Wed Feb 09 2011 Fedora Release Engineering - 0.7.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Wed Jan 19 2011 Hans de Goede - 0.7.2-1 - New upstream release 0.7.2 * Fri Dec 17 2010 Hans de Goede - 0.7.1-1 - New upstream release 0.7.1 - Drop all patches (all upstreamed) - Enable smartcard (CAC) support * Wed Nov 17 2010 Hans de Goede - 0.6.3-4 - Fix the info layer not showing when used through the XPI - Do not let the connection gui flash by when a hostname has been specified on the cmdline - Fix spice client locking up when dealing with XIM input (#654265) - Fix modifier keys getting stuck (#655048) - Fix spice client crashing when dealing with XIM ibus input (#655836) - Fix spice client only showing a white screen in full screen mode * Sat Nov 6 2010 Hans de Goede - 0.6.3-3 - Log to ~/.spicec/cegui.log rather then to CEGUI.log in the cwd, this fixes spicec from aborting when run in a non writable dir (#650253) * Fri Nov 5 2010 Hans de Goede - 0.6.3-2 - Various bugfixes from upstream git: - Make spicec work together with the Firefox XPI for RHEV-M - Make sure the spicec window gets properly raised when first shown * Mon Oct 18 2010 Hans de Goede - 0.6.3-1 - Update to 0.6.3 - Enable GUI * Thu Sep 30 2010 Gerd Hoffmann - 0.6.1-1 - Update to 0.6.1. * Tue Aug 31 2010 Alexander Larsson - 0.6.0-1 - Update to 0.6.0 (stable release) * Tue Jul 20 2010 Alexander Larsson - 0.5.3-1 - Update to 0.5.3 * Tue Jul 13 2010 Gerd Hoffmann - 0.5.2-4 - Quote %% in changelog to avoid macro expansion. * Mon Jul 12 2010 Gerd Hoffmann - 0.5.2-3 - %%configure handles CFLAGS automatically, no need to fiddle with %%{optflags} manually. * Mon Jul 12 2010 Gerd Hoffmann - 0.5.2-2 - Fix license: LGPL. - Cleanup specfile, drop bits not needed any more with recent rpm versions (F13+). - Use optflags as-is. - * Fri Jul 9 2010 Gerd Hoffmann - 0.5.2-1 - initial package.