ALP-pool/spice
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
main
spice/spice.changes

545 lines
22 KiB
Plaintext
Raw Permalink Normal View History

Sync from SUSE:ALP:Source:Standard:1.0 spice revision d5710cd05e06693148a76eca6eecfad3
2023-06-07 08:40:16 +02:00
-------------------------------------------------------------------
Tue Nov 29 13:52:13 MST 2022 - carnold@suse.com
- Update to v0.15.1 release
* This is a bug fix release with no upstream changelog
- Drop fix-build-with-gstreamer-1.20.patch
-------------------------------------------------------------------
Wed Mar 23 10:23:06 UTC 2022 - Antonio Larrosa <alarrosa@suse.com>
- Add patch to let spice build with gstreamer 1.20.x
(https://gitlab.freedesktop.org/spice/spice/-/merge_requests/207)
* fix-build-with-gstreamer-1.20.patch
-------------------------------------------------------------------
Fri May 7 11:07:29 MDT 2021 - carnold@suse.com
- Update to v0.15.0 release
This is the first release in the new 0.15.x stable series.
* Minor updates to CI
* Some compatibility with OpenSSL
* Change the behavior of handle_dev_start ignoring multiple start requests
* Ignore multiple calls to handle_dev_stop
* Pick up newer spice-common to fix a buffer overflow issue
- Dropped patches contained in new tarball
0001-quic-Check-we-have-some-data-to-start-decoding-quic-.patch
0002-quic-Check-image-size-in-quic_decode_begin.patch
0003-quic-Check-RLE-lengths.patch
0004-quic-Avoid-possible-buffer-overflow-in-find_bucket.patch
-------------------------------------------------------------------
Fri Oct 9 19:51:19 UTC 2020 - Bruce Rogers <brogers@suse.com>
- Note: The Mar 9, 2020 spec file cleanup and the following change
satisfy jsc#SLE-15520
- Remove gstreamer-plugins-libav and gstreamer-plugins-good as
BuildRequires. Even though the configure step of the package
build does report detection of features from these packages, the
build is actually not otherwise influenced by the presence of
these packages. It is at runtime when these plugin packages are
utilized, so leave the Recommends for these in the package spec,
so that if the packages are available in a distro they can get
installed and utilized.
-------------------------------------------------------------------
Mon Oct 5 19:46:16 UTC 2020 - Bruce Rogers <brogers@suse.com>
- Fix buffer overflow vunerabilities in QUIC image decoding
(CVE-2020-14355 bsc#1177158)
0001-quic-Check-we-have-some-data-to-start-decoding-quic-.patch
0002-quic-Check-image-size-in-quic_decode_begin.patch
0003-quic-Check-RLE-lengths.patch
0004-quic-Avoid-possible-buffer-overflow-in-find_bucket.patch
-------------------------------------------------------------------
Mon Mar 9 21:40:53 UTC 2020 - Bruce Rogers <brogers@suse.com>
- Clean up some spec file conditionals that are no longer helpful
-------------------------------------------------------------------
Fri Feb 28 19:05:21 UTC 2020 - Bruce Rogers <brogers@suse.com>
- Update to v0.14.3 release
The main changes are WebSocket and support for Windows.
* Add support for WebSocket, this will allow to use spice-html5
without proxy
* Support Windows, now Qemu Windows can be build enabling Spice
* Fix some alignment problem
* Converted some documentation to Asciidoc format to make easier
to update, updated some
* Minor compatibility fix for PPC64EL and ARMHF
* Minor fixes for big endian machines like MIPS
* Avoid some crashes with some buggy guest drivers, simply
ignore the invalid request
* Fix for old OpenSSL versions
* Minor fix for Windows clients and brushes, fixed an issue with
Photoshop under Windows 7
* Add ability to query video-codecs
* Small use-after-free fix
* Fix for debugging recording/replaying using QUIC images
* Fix a regression where spice reported no monitors to the client
* Fix DoS in spicevmc if WebDAV used
* Updated and improved test migration script
* Some minor fixes to smartcard support
* Avoid possible disconnection using proxies using a in-flow
keepalive mechanism
- The NEWS file is now named CHANGELOG.md, and the previously
provided ChangeLog, which was a summary of the git log is no
longer provided
-------------------------------------------------------------------
Fri Jan 10 20:53:35 UTC 2020 - Martin Herkt <9+suse@cirno.systems>
- Enable video codec support (VPX and MJPEG)
-------------------------------------------------------------------
Thu May 16 21:11:13 UTC 2019 - Bruce Rogers <brogers@suse.com>
- Update to v0.14.2 stable release
The main changes are support for Meson build and graphic device
info messages allowing to better support multi-monitor
configurations.
* support H265 in stream-channel
* add support for building with meson/ninja
* minor tests fixes improving CI
* set char device state for smartcard, allowing Qemu optimization
* improve red-parse-qxl.c interface making it more consistent
* add some instrumentation for streaming device
* QXL interface: add a function to identify monitors in the guest
(spice_qxl_set_device_info)
* add support for GraphicsDeviceInfo messages
* video-stream: prevent crash on stream reattach
* make channel client callbacks virtual functions
* bumped minimum required glib version to 2.38
* attempt to have a reliable led state for keyboard modifiers
- Removed patches:
(The first two are altered versions of what is carried upstream.
I think we're fine with what upstream does here)
0001-lz-Avoid-buffer-reading-overflow-checking-for-image-.patch
0002-lz-More-checks-on-image-sizes.patch
0001-memslot-Fix-off-by-one-error-in-group-slot-boundary-.patch
-------------------------------------------------------------------
Fri Mar 1 08:13:02 UTC 2019 - olaf@aepfle.de
- Use plain python2 for SLE12 builds
- Remove PYTHON=python3, configure will find and use the python3
-------------------------------------------------------------------
Mon Jan 28 17:39:01 UTC 2019 - Bruce Rogers <brogers@suse.com>
- Fix OOB memory access in internal tracking of slot_ids and
group_ids. (CVE-2019-3813 bsc#1122706)
* 0001-memslot-Fix-off-by-one-error-in-group-slot-boundary-.patch
- Remove celt051 Requires directive
-------------------------------------------------------------------
Wed Sep 19 22:47:44 UTC 2018 - astieger@suse.com
- Upstream disabled support for the celt051 audio codec by default,
do likewise in the spec
- Note updated 0.14.1 build dependencies in the spec:
* OpenSSL 1.0.0 or newer is now required
* glib 2.32 required
- add upstream signing key and verify source signature
-------------------------------------------------------------------
Wed Sep 19 19:42:07 UTC 2018 - Bruce Rogers <brogers@suse.com>
- Update to v0.14.1 stable release
The announcement email describes this release as follows:
The main change in this release is the addition of a new protocol
extension in order to support streaming the remote display as a
video stream rather than going through the QXL protocol. Together
with spice-streaming-agent, and/or with more work on the qemu/
spice-server side, this should allow streaming of 3D accelerated
VMs in the future. At this point, this part of spice-server is
still a work in progress (multi-monitor support and various
features are missing).
* avoid performance issues on Windows 10 KVM guests (boo#1109044)
* add new org.spice-space.stream.0 channel used for passing an
encoded video stream from the guest to the client
* add support for TCP_CORK to reduce the amount of packets that
we send
* fix CVE-2018-10873 (maintainer note: we already carried fix)
* fix cursor related migration crash
* fix regression causing sound recording to be muted after client
disconnection/reconnection (introduced in 0.13.90)
* fix regression in corner cases where images could be sent
uncompressed when they used to be compressed with QUIC
* disable TLS 1.0 support
* CELT 0.5.1 support is now disabled by default. If celt051-devel
is installed at build-time, --enable-celt051/--disable-celt051
must be explicitly specified
* drop support for unsupported OpenSSL version. OpenSSL 1.0.0 or
newer is now required
* bumped minimum required glib version to 2.32
* endianness fixes
* (small) leak fixes
* usual round of code cleanups
* not directly related to this release, but the upstream git
repository is now hosted on gitlab.freedesktop.org
- Removed patches:
bb15d481-Fix-flexible-array-buffer-overflow.patch
-------------------------------------------------------------------
Mon Aug 20 10:05:54 UTC 2018 - cbosdonnat@suse.com
- Fix potential heap corruption when demarshalling (CVE-2018-10873,
bsc#1104448)
Added patch:
bb15d481-Fix-flexible-array-buffer-overflow.patch
-------------------------------------------------------------------
Mon Jul 16 15:01:46 UTC 2018 - cbosdonnat@suse.com
- Avoid buffer overflow on image lz cheks (CVE-2018-10893, bsc#1101295)
Added patches:
0001-lz-Avoid-buffer-reading-overflow-checking-for-image-.patch
0002-lz-More-checks-on-image-sizes.patch
-------------------------------------------------------------------
Tue Jan 30 22:20:12 UTC 2018 - jengelh@inai.de
- Correct RPM group for shared library.
-------------------------------------------------------------------
Tue Jan 30 14:44:37 UTC 2018 - tchvatal@suse.com
- Split the sle condition again for exact features to allow their
override
-------------------------------------------------------------------
Thu Jan 18 12:12:33 UTC 2018 - tchvatal@suse.com
- Enable smartcards on sle15 as the supportlib is available
* Condition it using name everywhere instead of suse versions
and join together with lz4
- Format with spec-cleaner
- Convert dependencies to pkgconfig style
- Install documentation and license file
- Add configure arguments to most of the options to not rely on
autotools automatic behavior
* Also enable gstreamer and lz4 options
- Drop the not needed python dependencies, they are needed only
when building from git snapshot
-------------------------------------------------------------------
Thu Oct 26 07:25:59 UTC 2017 - cbosdonnat@suse.com
- Release 0.14.0
* fix client mouse with virgl
* fix frozen display after seamless migration
* set human-readable name on spice threads
* add sanity-checks for ORC library as it can abort spice-server
when selinux is in use
* Close TCP connection early when client did not send the correct
SPICE magic bytes: this allows VNC clients to gracefully fail
when connecting to a SPICE port
* Add VP9 encoding support when GStreamer is being used and misc
streaming/encoding improvements
* Improvements to replay utility
* Limit (deprecated/unusud) QXLMessage size to 100,000 characters
for improved safety
* Improve image quality in low bitrate situation when using the
GStreamer backend
* Added GStreamer support to the video streaming code
* Fix old migration bug causing migration to never end in some cases
* Added lz4 compression to the spicevmc channel
* Ongoing code cleanups
* add spice_qxl_gl_scanout() spice_qxl_gl_draw_async() for local
virgl support
* spice_server_set_keepalive_timeout() has been removed in favour of
unconditionally sending keepalive probes every 10 minutes
* Added public spice_server_set_keepalive_timeout() to make it possible
to tweak keepalive on all SPICE connection. This can prevent unwanted
idle disconnections if proxies are used between the client and the host.
* Fix important memory usage when the webdav channel is used
* Do not disconnect when the client requests an unsupported compression type
* Fix potential race condition when using multiple QXL devices
* Fix display glitch when using XSpice
* Improve help string for 'replay -s'
* Fix small leak in MJPEG code
- Removed patches:
* CVE-2016-9577-buffer-overflow-in-main_channel_alloc_msg_rcv_buf.patch
* CVE-2016-9578-remote-dos-via-crafted-message.patch
-------------------------------------------------------------------
Thu Feb 2 11:23:03 UTC 2017 - psimons@suse.com
- Added patches to fix two security vulnerabilities.
* CVE-2016-9577-buffer-overflow-in-main_channel_alloc_msg_rcv_buf.patch
[CVE-2016-9577, bsc#1023078]
* CVE-2016-9578-remote-dos-via-crafted-message.patch
[CVE-2016-9578, bsc#1023079]
-------------------------------------------------------------------
Thu Feb 2 09:52:06 UTC 2017 - cbosdonnat@suse.com
- Synchronize with SLES (fate#322402):
+ bnc#894069: disable smartcard support for SLES
+ merge changelog
-------------------------------------------------------------------
Thu Dec 22 19:57:28 UTC 2016 - astieger@suse.com
- restrict suppression of obsoletes-not-provided warning to
spice-client bsc#1013916
-------------------------------------------------------------------
Tue Dec 13 09:44:53 UTC 2016 - cbosdonnat@suse.com
- Obsolete spice-client (bsc#1013916)
-------------------------------------------------------------------
Thu Nov 10 08:59:37 UTC 2016 - msuchanek@suse.com
- remove ExclusiveArch (boo#1009438)
-------------------------------------------------------------------
Sat Oct 8 19:36:49 UTC 2016 - zaitor@opensuse.org
- Update to version 0.12.8:
+ Fixes for bsc#982385 / CVE-2016-0749 and bsc#982386 / CVE-2016-2150.
-------------------------------------------------------------------
Fri Apr 15 07:14:06 UTC 2016 - cbosdonnat@suse.com
- Update to version 0.12.7 (fate#320079)
+ spice-server will now send TCP keepalive probes on the TCP connections it
uses. This can prevent unwanted idle disconnections if proxies are used
between the client and the host.
+ Fix important memory usage when the webdav channel is used
+ Do not disconnect when the client requests an unsupported compression type
+ Fix a few race conditions
+ Fix display glitch when using XSpice
+ Improve help string for 'replay -s'
+ Fix crashes in corner cases (buggy spice-html5 + win10, vnc + SPICE port
configured, USB webcam redirection over a slow link)
+ Fix various compilation warning when building on 32 bit machines
+ Some fixes for big-endian machines, more work is likely to be needed
+ Do not build static libraries by default, this can be reenabled with --enable-static
+ Fix small leak in MJPEG code
-------------------------------------------------------------------
Tue Oct 6 14:44:02 UTC 2015 - cbosdonnat@suse.com
- Update to version 0.12.6
+ Removed spicec client code, it has been superseded by remote-viewer
and other spice-gtk based clients
+ Unix socket support
+ LZ4 support
+ Let clients specify their preferred image compression format
+ Allow to record and replay a spice-server session
+ Fixes for CVE-2015-3247 CVE-2015-5260 and CVE-2015-5261
bsc#944787, bsc#948976
+ spice-protocol submodule has been removed, spice-protocol must
now be installed when building spice-server
+ Remove write polling in chardevs to reduce wakeups
- Remove upstream merged patches:
+ spice-Don-t-use-48kHz-for-playback-recording-rates.patch
+ password-length-check.patch
+ cve-2015-3247.patch
-------------------------------------------------------------------
Mon Sep 7 14:50:25 UTC 2015 - cbosdonnat@suse.com
- bsc#944460: fix CVE-2015-3247.
cve-2015-3247.patch
-------------------------------------------------------------------
Fri Jun 5 08:47:17 UTC 2015 - cbosdonnat@suse.com
- Don't allow setting password longer than what the spice protocol
allows. password-length-check.patch. boo#931044
-------------------------------------------------------------------
Sun Oct 19 03:38:16 UTC 2014 - crrodriguez@opensuse.org
- Replace xorg-x11-devel buildrequire by selected pkgconfig(xlibs..)
-------------------------------------------------------------------
Wed Oct 15 12:02:03 UTC 2014 - zaitor@opensuse.org
- Update to version 0.12.5:
+ Added Opus support. Celt support will be obsoleted in a future
release.
+ Addition of webdav channel.
+ Force use of TLS 1.0 or newer for TLS connections.
+ Reference manual.
+ Some optimizations improving CPU use.
+ Various bug fixes for race conditions, memory corruption, which
could be triggered on client disconnections, migration, and
cause spice-server to misbehave.
+ Portability fixes.
+ Code cleanups.
+ bsc#848279: fix CVE-2013-4282.
- Add pkconfig(opus) BuildRequires: Needed to build new opus
support.
- Add spice-Don-t-use-48kHz-for-playback-recording-rates.patch:
Fix advertised sound playback/recording rates in public headers
(rh#1129961).
- Drop spice-glibc217.patch: No longer needed.
- Run spec-clean on spec file, remove conditionals for obsolete
versions of openSUSE, enable parallel build and drop obsolete
clean section.
-------------------------------------------------------------------
Mon Jul 29 08:11:33 UTC 2013 - aevseev@gmail.com
- Update to version 0.12.4:
+ log actual address spice-server binds to
+ main_channel: fix double release of migration target data (rhbz#859027)
+ red_channel: replace an assert upon threads mismatch with a warning (rhbz#823472)
+ support for filtering out agent file-xfer msgs (rhbz#961848)
++ new library export spice_server_set_agent_file_xfer
+ mjpeg encoder statistics (mjpeg_encoder_get_stats)
+ improve stream stats readability and ease of parsing
+ fix for stuck display_channel over WAN (jpeg_enabled=true) (rhbz#977998)
+ Use RING_FOREACH_SAFE and other SAFE macros (rhbz#887775)
+ Some server/tests fixes.
- New features from 0.12.3:
+ monitor client bandwidth and latency.
+ dynamically adjust video stream quality based on client bandwidth & latency.
++ new SPICE_MSGC_DISPLAY_STREAM_REPORT
++ can also set SPICE_BIT_RATE environment variable to override.
+ support arbitrary latency of audio stream wrt video stream:
++ new SPICE_MSG_PLAYBACK_LATENCY
+ notify agent on client disconnection
++ new VD_AGENT_CLIENT_DISCONNECTED message
+ better support for switching from qxl to vga mode
++ new library export spice_qxl_driver_unload
+ multiple monitor support in single channel fixes.
+ stop streams before migration.
+ don't send empty volume messages.
+ Bugs fixed: rhbz#891326, rhbz#958276, rhbz#956345
+ fixes to inputs, chardev, build fixes.
-------------------------------------------------------------------
Wed May 15 17:21:42 UTC 2013 - dimstar@opensuse.org
- Update to version 0.12.2:
+ Skipped 0.12.1, it existed in git but was never released.
+ spice-server now requires glib2 (like qemu does).
+ More robust ssl error and certificate handling.
+ Added support for websockets.
+ Tons of seamless migration bugfixes.
+ Also some none seamless migration bugfixes.
- Clean spec file using spec-cleaner.
- Rebase spice-glibc217.patch.
- Add pkgconfig(glib-2.0) BuildRequires: new dependency.
- Pass --enable-client and --enable-smartcard to configure in
order to ensure the client and smartcard support are built (SC
only on openSUSE >= 12.2).
-------------------------------------------------------------------
Thu Nov 22 17:11:27 UTC 2012 - afaerber@suse.de
- Update to version 0.12.0
* support setting client monitor configuration via device
QXLInterface::client_monitors_config
* support notifying guest of client capabilities
QXLInterface::set_client_capabilities
* new capability for A8 Surface support
* Enable build on armv6+
* Option to quit server after first client disconnects
spice_server_set_exit_on_disconnect
* Support seamless migration: no loss of in transit messages. Still not
supported for agent, smartcard and usb.
* Support a new rendering message, Composite, for much improved linux guest
performance.
* Support arbitrary resolution & multiple monitors on a single display channel.
* Improved keyboard handling under network latency with new
SPICE_MSGC_INPUTS_KEY_SCANCODE message.
* New libspice-server.so symbols:
spice_server_set_seamless_migration
spice_server_vm_stop
spice_server_vm_start
spice_qxl_monitors_config_async
* New capabilities:
SPICE_DISPLAY_CAP_COMPOSITE
SPICE_DISPLAY_CAP_MONITORS_CONFIG
SPICE_INPUTS_CAP_KEY_SCANCODE
SPICE_MAIN_CAP_AGENT_CONNECTED_TOKENS
SPICE_MAIN_CAP_SEAMLESS_MIGRATE
* Misc:
* char_device.c: Introducing shared flow control code for char devices
* Enable build without client, cegui and slirp.
* New spice protocol messages: (changes in spice-protocol, here for reference)
* SPICE_MSG_MAIN_NAME, SPICE_MSG_MAIN_UUID
* SPICE_MSG_DISPLAY_STREAM_DATA_SIZED
* New corresponding caps: (changes in spice-protocol, here for reference)
* SPICE_MAIN_CAP_NAME_AND_UUID
* SPICE_DISPLAY_CAP_SIZED_STREAM.
* Send name & uuid to capable clients
* add support for frames of different sizes RHBZ #813826
* server:
* support a pre-opened file descriptor
* Solaris support. Now using poll instead of epoll.
* Support IPV6 addresses in channel events RHBZ #788444
* other fixed RHBZ#: 787669, 787678, 819484
* spicec
* alsa: use "default" instead of "hw:0,0"
* volume keys support RHBZ #552539
* other fixed RHBZ#: 78655, 804561, 641828
* solaris, mingw & windows, 32 bit fixes.
* enable server only build.
* GNULIB manywarnings.m4 & warnings.m4 module added.
* Many more bug fixes & code cleanups.
* spice-protocol no longer external.
* new server functions:
+ spice_server_set_name
+ spice_server_set_uuid
+ spice_server_set_listen_socket_fd
+ spice_server_is_server_mouse
- Drop spice-gcc47.patch
- Update spice-glibc217.patch (file moved)
-------------------------------------------------------------------
Sat Nov 17 08:05:49 UTC 2012 - aj@suse.de
- Fix build with glibc 2.17 (add patch spice-glibc217.patch).
-------------------------------------------------------------------
Mon Apr 2 18:55:00 UTC 2012 - dimstar@opensuse.org
- Add spice-gcc47.patch: Fix build with gcc 4.7. Most of this used
to be in spice-signed-comparison.patch which got dropped with
latest update.
-------------------------------------------------------------------
Sun Apr 1 14:57:13 UTC 2012 - zaitor@opensuse.org
- Update to version 0.10.1:
+ Mini header support.
+ Add server API for injecting a client connection socket.
+ Add Xinerama support to spicec.
+ Many bugfixes / code cleanups.
+ Requires spice-protocol >= 0.10.1
- Drop spice-signed-comparison.patch and
0001-server-red_parse_qxl.h-License-should-be-LGPLv2-rath.patch
Fixed upstream.
-------------------------------------------------------------------
Mon Mar 19 21:07:03 UTC 2012 - dimstar@opensuse.org
- Extend spice-signed-comparison.patch: incl. git commit 965a1a.
-------------------------------------------------------------------
Mon Feb 13 10:56:18 UTC 2012 - coolo@suse.com
- patch license to follow spdx.org standard
-------------------------------------------------------------------
Thu Jan 5 13:47:57 UTC 2012 - dvaleev@suse.com
- Only x86 and x86-64 are supported
-------------------------------------------------------------------
Tue Dec 13 20:34:59 UTC 2011 - brogers@suse.com
- Initial package, prepared for inclusion in Factory.
Reference in New Issue Copy Permalink