[PATCH] Update spice-protocol to 0.12.11

[PATCH] Update spice-protocol to 0.12.11

[Jonatan Schlag]

[-- Attachment #1: Type: text/plain, Size: 848 bytes --]

Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
---
 lfs/spice-protocol | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lfs/spice-protocol b/lfs/spice-protocol
index c399fac..84376f5 100644
--- a/lfs/spice-protocol
+++ b/lfs/spice-protocol
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 0.12.10
+VER        = 0.12.11
 
 THISAPP    = spice-protocol-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -32,7 +32,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = spice-protocol
-PAK_VER    = 1
+PAK_VER    = 2
 
 DEPS       = ""
 
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 1fb9d0dcdd42dce1b476ae8aa7569bcc
+$(DL_FILE)_MD5 = 422bf0bc1eb34c8af3479a78b28e969b
 
 install : $(TARGET)
 
-- 
2.1.4

[PATCH] Update spice to version 0.12.8

[Jonatan Schlag]

[-- Attachment #1: Type: text/plain, Size: 2784 bytes --]

This is an security update.
Recent were 2 serious security vulnerabilities published.
This patch update spice to a version which is not vulnerable.

The qemu version is pushed to deliver a qemu which is linked against
the non vulnerable version.

Changelog:

Changes in 0.12.8:
==================
* Fixes for CVE-2016-0749 and CVE-2016-2150

Changes in 0.12.7:
==================
* spice-server will now send TCP keepalive probes on the TCP connections
  it
  uses. This can prevent unwanted idle disconnections if proxies are
  used
  between the client and the host.
* Fix important memory usage when the webdav channel is used
* Do not disconnect when the client requests an unsupported compression
  type
* Fix a few race conditions
* Fix display glitch when using XSpice
* Improve help string for 'replay -s'
* Fix crashes in corner cases (buggy spice-html5 + win10, vnc + SPICE
  port
  configured, USB webcam redirection over a slow link)
* Fix various compilation warning when building on 32 bit machines
* Some fixes for big-endian machines, more work is likely to be needed
* Do not build static libraries by default, this can be reenabled with
  --enable-static
* Fix small leak in MJPEG code

Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
---
 config/rootfiles/packages/spice | 2 +-
 lfs/qemu                        | 2 +-
 lfs/spice                       | 6 +++---
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/config/rootfiles/packages/spice b/config/rootfiles/packages/spice
index 93d2e9e..91fc0a6 100644
--- a/config/rootfiles/packages/spice
+++ b/config/rootfiles/packages/spice
@@ -13,5 +13,5 @@
 #usr/lib/libspice-server.la
 #usr/lib/libspice-server.so
 usr/lib/libspice-server.so.1
-usr/lib/libspice-server.so.1.10.0
+usr/lib/libspice-server.so.1.10.1
 #usr/lib/pkgconfig/spice-server.pc
diff --git a/lfs/qemu b/lfs/qemu
index 62010ee..d494845 100644
--- a/lfs/qemu
+++ b/lfs/qemu
@@ -33,7 +33,7 @@ DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 SUP_ARCH   = i586 x86_64
 PROG       = qemu
-PAK_VER    = 20
+PAK_VER    = 21
 
 DEPS       = "sdl spice"
 
diff --git a/lfs/spice b/lfs/spice
index 415d5aa..80e88dd 100644
--- a/lfs/spice
+++ b/lfs/spice
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 0.12.6
+VER        = 0.12.8
 
 THISAPP    = spice-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -32,7 +32,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = spice
-PAK_VER    = 1
+PAK_VER    = 2
 
 DEPS       = "opus"
 
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 605a8c8ea80bc95076c4b3539c6dd026
+$(DL_FILE)_MD5 = 376853d11b9921aa34a06c4dbef81874
 
 install : $(TARGET)
 
-- 
2.1.4

Re: [PATCH] Update spice to version 0.12.8

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 3437 bytes --]

This should actually be fixed in qemu without recompiling it. That's why we have
shared libraries.

Can you confirm?

-Michael

On Fri, 2016-07-15 at 17:27 +0200, Jonatan Schlag wrote:
> This is an security update.
> Recent were 2 serious security vulnerabilities published.
> This patch update spice to a version which is not vulnerable.
> 
> The qemu version is pushed to deliver a qemu which is linked against
> the non vulnerable version.
> 
> Changelog:
> 
> Changes in 0.12.8:
> ==================
> * Fixes for CVE-2016-0749 and CVE-2016-2150
> 
> Changes in 0.12.7:
> ==================
> * spice-server will now send TCP keepalive probes on the TCP connections
>   it
>   uses. This can prevent unwanted idle disconnections if proxies are
>   used
>   between the client and the host.
> * Fix important memory usage when the webdav channel is used
> * Do not disconnect when the client requests an unsupported compression
>   type
> * Fix a few race conditions
> * Fix display glitch when using XSpice
> * Improve help string for 'replay -s'
> * Fix crashes in corner cases (buggy spice-html5 + win10, vnc + SPICE
>   port
>   configured, USB webcam redirection over a slow link)
> * Fix various compilation warning when building on 32 bit machines
> * Some fixes for big-endian machines, more work is likely to be needed
> * Do not build static libraries by default, this can be reenabled with
>   --enable-static
> * Fix small leak in MJPEG code
> 
> Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
> ---
>  config/rootfiles/packages/spice | 2 +-
>  lfs/qemu                        | 2 +-
>  lfs/spice                       | 6 +++---
>  3 files changed, 5 insertions(+), 5 deletions(-)
> 
> diff --git a/config/rootfiles/packages/spice b/config/rootfiles/packages/spice
> index 93d2e9e..91fc0a6 100644
> --- a/config/rootfiles/packages/spice
> +++ b/config/rootfiles/packages/spice
> @@ -13,5 +13,5 @@
>  #usr/lib/libspice-server.la
>  #usr/lib/libspice-server.so
>  usr/lib/libspice-server.so.1
> -usr/lib/libspice-server.so.1.10.0
> +usr/lib/libspice-server.so.1.10.1
>  #usr/lib/pkgconfig/spice-server.pc
> diff --git a/lfs/qemu b/lfs/qemu
> index 62010ee..d494845 100644
> --- a/lfs/qemu
> +++ b/lfs/qemu
> @@ -33,7 +33,7 @@ DIR_APP    = $(DIR_SRC)/$(THISAPP)
>  TARGET     = $(DIR_INFO)/$(THISAPP)
>  SUP_ARCH   = i586 x86_64
>  PROG       = qemu
> -PAK_VER    = 20
> +PAK_VER    = 21
>  
>  DEPS       = "sdl spice"
>  
> diff --git a/lfs/spice b/lfs/spice
> index 415d5aa..80e88dd 100644
> --- a/lfs/spice
> +++ b/lfs/spice
> @@ -24,7 +24,7 @@
>  
>  include Config
>  
> -VER        = 0.12.6
> +VER        = 0.12.8
>  
>  THISAPP    = spice-$(VER)
>  DL_FILE    = $(THISAPP).tar.bz2
> @@ -32,7 +32,7 @@ DL_FROM    = $(URL_IPFIRE)
>  DIR_APP    = $(DIR_SRC)/$(THISAPP)
>  TARGET     = $(DIR_INFO)/$(THISAPP)
>  PROG       = spice
> -PAK_VER    = 1
> +PAK_VER    = 2
>  
>  DEPS       = "opus"
>  
> @@ -44,7 +44,7 @@ objects = $(DL_FILE)
>  
>  $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>  
> -$(DL_FILE)_MD5 = 605a8c8ea80bc95076c4b3539c6dd026
> +$(DL_FILE)_MD5 = 376853d11b9921aa34a06c4dbef81874
>  
>  install : $(TARGET)
>  

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]