Update spice to version 0.12.8
Message ID | 1468596436-19950-2-git-send-email-jonatan.schlag@ipfire.org |
---|---|
State | Superseded |
Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (hedwig.ipfire.org [172.28.1.200]) by web02.ipfire.org (Postfix) with ESMTP id E1F1361D39 for <patchwork@ipfire.org>; Fri, 15 Jul 2016 17:16:15 +0200 (CEST) Received: from mail01.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id D40B143F9; Fri, 15 Jul 2016 17:16:13 +0200 (CEST) Received: from fangorn.local.familyschlag (dslb-088-073-223-232.088.073.pools.vodafone-ip.de [88.73.223.232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 2303E43F7; Fri, 15 Jul 2016 17:16:01 +0200 (CEST) From: Jonatan Schlag <jonatan.schlag@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] Update spice to version 0.12.8 Date: Fri, 15 Jul 2016 17:27:16 +0200 Message-Id: <1468596436-19950-2-git-send-email-jonatan.schlag@ipfire.org> X-Mailer: git-send-email 2.1.4 In-Reply-To: <1468596436-19950-1-git-send-email-jonatan.schlag@ipfire.org> References: <1468596436-19950-1-git-send-email-jonatan.schlag@ipfire.org> X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <http://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <http://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Message
Jonatan Schlag
July 16, 2016, 1:27 a.m. UTC
This is an security update. Recent were 2 serious security vulnerabilities published. This patch update spice to a version which is not vulnerable. The qemu version is pushed to deliver a qemu which is linked against the non vulnerable version. Changelog: Changes in 0.12.8:
Comments
This should actually be fixed in qemu without recompiling it. That's why we have shared libraries. Can you confirm? -Michael On Fri, 2016-07-15 at 17:27 +0200, Jonatan Schlag wrote: > This is an security update. > Recent were 2 serious security vulnerabilities published. > This patch update spice to a version which is not vulnerable. > > The qemu version is pushed to deliver a qemu which is linked against > the non vulnerable version. > > Changelog: > > Changes in 0.12.8: > ================== > * Fixes for CVE-2016-0749 and CVE-2016-2150 > > Changes in 0.12.7: > ================== > * spice-server will now send TCP keepalive probes on the TCP connections > it > uses. This can prevent unwanted idle disconnections if proxies are > used > between the client and the host. > * Fix important memory usage when the webdav channel is used > * Do not disconnect when the client requests an unsupported compression > type > * Fix a few race conditions > * Fix display glitch when using XSpice > * Improve help string for 'replay -s' > * Fix crashes in corner cases (buggy spice-html5 + win10, vnc + SPICE > port > configured, USB webcam redirection over a slow link) > * Fix various compilation warning when building on 32 bit machines > * Some fixes for big-endian machines, more work is likely to be needed > * Do not build static libraries by default, this can be reenabled with > --enable-static > * Fix small leak in MJPEG code > > Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org> > --- > config/rootfiles/packages/spice | 2 +- > lfs/qemu | 2 +- > lfs/spice | 6 +++--- > 3 files changed, 5 insertions(+), 5 deletions(-) > > diff --git a/config/rootfiles/packages/spice b/config/rootfiles/packages/spice > index 93d2e9e..91fc0a6 100644 > --- a/config/rootfiles/packages/spice > +++ b/config/rootfiles/packages/spice > @@ -13,5 +13,5 @@ > #usr/lib/libspice-server.la > #usr/lib/libspice-server.so > usr/lib/libspice-server.so.1 > -usr/lib/libspice-server.so.1.10.0 > +usr/lib/libspice-server.so.1.10.1 > #usr/lib/pkgconfig/spice-server.pc > diff --git a/lfs/qemu b/lfs/qemu > index 62010ee..d494845 100644 > --- a/lfs/qemu > +++ b/lfs/qemu > @@ -33,7 +33,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) > TARGET = $(DIR_INFO)/$(THISAPP) > SUP_ARCH = i586 x86_64 > PROG = qemu > -PAK_VER = 20 > +PAK_VER = 21 > > DEPS = "sdl spice" > > diff --git a/lfs/spice b/lfs/spice > index 415d5aa..80e88dd 100644 > --- a/lfs/spice > +++ b/lfs/spice > @@ -24,7 +24,7 @@ > > include Config > > -VER = 0.12.6 > +VER = 0.12.8 > > THISAPP = spice-$(VER) > DL_FILE = $(THISAPP).tar.bz2 > @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) > DIR_APP = $(DIR_SRC)/$(THISAPP) > TARGET = $(DIR_INFO)/$(THISAPP) > PROG = spice > -PAK_VER = 1 > +PAK_VER = 2 > > DEPS = "opus" > > @@ -44,7 +44,7 @@ objects = $(DL_FILE) > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > -$(DL_FILE)_MD5 = 605a8c8ea80bc95076c4b3539c6dd026 > +$(DL_FILE)_MD5 = 376853d11b9921aa34a06c4dbef81874 > > install : $(TARGET) >