Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libspice-server-devel-0.14.2-lp152.2.6.1 RPM for i586

From OpenSuSE Leap 15.2 updates for i586

Name: libspice-server-devel Distribution: openSUSE Leap 15.2
Version: 0.14.2 Vendor: openSUSE
Release: lp152.2.6.1 Build date: Thu Jun 10 10:55:56 2021
Group: Development/Languages/C and C++ Build host: lamb14
Size: 36874 Source RPM: spice-0.14.2-lp152.2.6.1.src.rpm
Summary: Development files for building SPICE-server
Development files for building SPICE-server.
The SPICE server is used to expose a remote machine's display
and devices.




LGPL-2.1-or-later OR GPL-2.0-or-later


* Thu May 27 2021
  - bsc#1181686 - VUL-0: CVE-2021-20201: spice,spice-gtk: client
    initiated renegotiation denial of service
* Mon Oct 05 2020 Bruce Rogers <>
  - Fix buffer overflow vulnerabilities in QUIC image decoding
    (CVE-2020-14355 bsc#1177158)
* Thu May 16 2019 Bruce Rogers <>
  - Update to v0.14.2 stable release
    The main changes are support for Meson build and graphic device
    info messages allowing to better support multi-monitor
    * support H265 in stream-channel
    * add support for building with meson/ninja
    * minor tests fixes improving CI
    * set char device state for smartcard, allowing Qemu optimization
    * improve red-parse-qxl.c interface making it more consistent
    * add some instrumentation for streaming device
    * QXL interface: add a function to identify monitors in the guest
    * add support for GraphicsDeviceInfo messages
    * video-stream: prevent crash on stream reattach
    * make channel client callbacks virtual functions
    * bumped minimum required glib version to 2.38
    * attempt to have a reliable led state for keyboard modifiers
  - Removed patches:
    (The first two are altered versions of what is carried upstream.
    I think we're fine with what upstream does here)
* Fri Mar 01 2019
  - Use plain python2 for SLE12 builds
  - Remove PYTHON=python3, configure will find and use the python3
* Mon Jan 28 2019 Bruce Rogers <>
  - Fix OOB memory access in internal tracking of slot_ids and
    group_ids. (CVE-2019-3813 bsc#1122706)
    * 0001-memslot-Fix-off-by-one-error-in-group-slot-boundary-.patch
  - Remove celt051 Requires directive
* Wed Sep 19 2018
  - Upstream disabled support for the celt051 audio codec by default,
    do likewise in the spec
  - Note updated 0.14.1 build dependencies in the spec:
    * OpenSSL 1.0.0 or newer is now required
    * glib 2.32 required
  - add upstream signing key and verify source signature
* Wed Sep 19 2018 Bruce Rogers <>
  - Update to v0.14.1 stable release
    The announcement email describes this release as follows:
    The main change in this release is the addition of a new protocol
    extension in order to support streaming the remote display as a
    video stream rather than going through the QXL protocol. Together
    with spice-streaming-agent, and/or with more work on the qemu/
    spice-server side, this should allow streaming of 3D accelerated
    VMs in the future. At this point, this part of spice-server is
    still a work in progress (multi-monitor support and various
    features are missing).
    * avoid performance issues on Windows 10 KVM guests (boo#1109044)
    * add new channel used for passing an
      encoded video stream from the guest to the client
    * add support for TCP_CORK to reduce the amount of packets that
      we send
    * fix CVE-2018-10873 (maintainer note: we already carried fix)
    * fix cursor related migration crash
    * fix regression causing sound recording to be muted after client
      disconnection/reconnection (introduced in 0.13.90)
    * fix regression in corner cases where images could be sent
      uncompressed when they used to be compressed with QUIC
    * disable TLS 1.0 support
    * CELT 0.5.1 support is now disabled by default. If celt051-devel
      is installed at build-time, --enable-celt051/--disable-celt051
      must be explicitly specified
    * drop support for unsupported OpenSSL version. OpenSSL 1.0.0 or
      newer is now required
    * bumped minimum required glib version to 2.32
    * endianness fixes
    * (small) leak fixes
    * usual round of code cleanups
    * not directly related to this release, but the upstream git
      repository is now hosted on
  - Removed patches:
* Mon Aug 20 2018
  - Fix potential heap corruption when demarshalling (CVE-2018-10873,
    Added patch:
* Mon Jul 16 2018
  - Avoid buffer overflow on image lz cheks (CVE-2018-10893, bsc#1101295)
    Added patches:
* Tue Jan 30 2018
  - Correct RPM group for shared library.
* Tue Jan 30 2018
  - Split the sle condition again for exact features to allow their
* Thu Jan 18 2018
  - Enable smartcards on sle15 as the supportlib is available
    * Condition it using name everywhere instead of suse versions
      and join together with lz4
  - Format with spec-cleaner
  - Convert dependencies to pkgconfig style
  - Install documentation and license file
  - Add configure arguments to most of the options to not rely on
    autotools automatic behavior
    * Also enable gstreamer and lz4 options
  - Drop the not needed python dependencies, they are needed only
    when building from git snapshot
* Thu Oct 26 2017
  - Release 0.14.0
    * fix client mouse with virgl
    * fix frozen display after seamless migration
    * set human-readable name on spice threads
    * add sanity-checks for ORC library as it can abort spice-server
      when selinux is in use
    * Close TCP connection early when client did not send the correct
      SPICE magic bytes: this allows VNC clients to gracefully fail
      when connecting to a SPICE port
    * Add VP9 encoding support when GStreamer is being used and misc
      streaming/encoding improvements
    * Improvements to replay utility
    * Limit (deprecated/unusud) QXLMessage size to 100,000 characters
      for improved safety
    * Improve image quality in low bitrate situation when using the
      GStreamer backend
    * Added GStreamer support to the video streaming code
    * Fix old migration bug causing migration to never end in some cases
    * Added lz4 compression to the spicevmc channel
    * Ongoing code cleanups
    * add spice_qxl_gl_scanout() spice_qxl_gl_draw_async() for local
      virgl support
    * spice_server_set_keepalive_timeout() has been removed in favour of
      unconditionally sending keepalive probes every 10 minutes
    * Added public spice_server_set_keepalive_timeout() to make it possible
      to tweak keepalive on all SPICE connection. This can prevent unwanted
      idle disconnections if proxies are used between the client and the host.
    * Fix important memory usage when the webdav channel is used
    * Do not disconnect when the client requests an unsupported compression type
    * Fix potential race condition when using multiple QXL devices
    * Fix display glitch when using XSpice
    * Improve help string for 'replay -s'
    * Fix small leak in MJPEG code
  - Removed patches:
    * CVE-2016-9577-buffer-overflow-in-main_channel_alloc_msg_rcv_buf.patch
    * CVE-2016-9578-remote-dos-via-crafted-message.patch
* Thu Feb 02 2017
  - Added patches to fix two security vulnerabilities.
    * CVE-2016-9577-buffer-overflow-in-main_channel_alloc_msg_rcv_buf.patch
      [CVE-2016-9577, bsc#1023078]
    * CVE-2016-9578-remote-dos-via-crafted-message.patch
      [CVE-2016-9578, bsc#1023079]
* Thu Feb 02 2017
  - Synchronize with SLES (fate#322402):
    + bnc#894069: disable smartcard support for SLES
    + merge changelog
* Thu Dec 22 2016
  - restrict suppression of obsoletes-not-provided warning to
    spice-client bsc#1013916
* Tue Dec 13 2016
  - Obsolete spice-client (bsc#1013916)
* Thu Nov 10 2016
  - remove ExclusiveArch (boo#1009438)
* Sat Oct 08 2016
  - Update to version 0.12.8:
    + Fixes for bsc#982385 / CVE-2016-0749 and bsc#982386 / CVE-2016-2150.
* Fri Apr 15 2016
  - Update to version 0.12.7 (fate#320079)
    + spice-server will now send TCP keepalive probes on the TCP connections it
      uses. This can prevent unwanted idle disconnections if proxies are used
      between the client and the host.
    + Fix important memory usage when the webdav channel is used
    + Do not disconnect when the client requests an unsupported compression type
    + Fix a few race conditions
    + Fix display glitch when using XSpice
    + Improve help string for 'replay -s'
    + Fix crashes in corner cases (buggy spice-html5 + win10, vnc + SPICE port
      configured, USB webcam redirection over a slow link)
    + Fix various compilation warning when building on 32 bit machines
    + Some fixes for big-endian machines, more work is likely to be needed
    + Do not build static libraries by default, this can be reenabled with --enable-static
    + Fix small leak in MJPEG code
* Tue Oct 06 2015
  - Update to version 0.12.6
    + Removed spicec client code, it has been superseded by remote-viewer
      and other spice-gtk based clients
    + Unix socket support
    + LZ4 support
    + Let clients specify their preferred image compression format
    + Allow to record and replay a spice-server session
    + Fixes for CVE-2015-3247 CVE-2015-5260 and CVE-2015-5261
      bsc#944787, bsc#948976
    + spice-protocol submodule has been removed, spice-protocol must
      now be installed when building spice-server
    + Remove write polling in chardevs to reduce wakeups
  - Remove upstream merged patches:
    + spice-Don-t-use-48kHz-for-playback-recording-rates.patch
    + password-length-check.patch
    + cve-2015-3247.patch
* Mon Sep 07 2015
  - bsc#944460: fix CVE-2015-3247.
* Fri Jun 05 2015
  - Don't allow setting password longer than what the spice protocol
    allows. password-length-check.patch. boo#931044
* Sat Oct 18 2014
  - Replace xorg-x11-devel buildrequire by selected pkgconfig(xlibs..)
* Wed Oct 15 2014
  - Update to version 0.12.5:
    + Added Opus support. Celt support will be obsoleted in a future
    + Addition of webdav channel.
    + Force use of TLS 1.0 or newer for TLS connections.
    + Reference manual.
    + Some optimizations improving CPU use.
    + Various bug fixes for race conditions, memory corruption, which
      could be triggered on client disconnections, migration, and
      cause spice-server to misbehave.
    + Portability fixes.
    + Code cleanups.
    + bsc#848279: fix CVE-2013-4282.
  - Add pkconfig(opus) BuildRequires: Needed to build new opus
  - Add spice-Don-t-use-48kHz-for-playback-recording-rates.patch:
    Fix advertised sound playback/recording rates in public headers
  - Drop spice-glibc217.patch: No longer needed.
  - Run spec-clean on spec file, remove conditionals for obsolete
    versions of openSUSE, enable parallel build and drop obsolete
    clean section.



Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 11:42:48 2024