Signed-off-by: Jonatan Schlag jonatan.schlag@ipfire.org --- lfs/spice-protocol | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lfs/spice-protocol b/lfs/spice-protocol index c399fac..84376f5 100644 --- a/lfs/spice-protocol +++ b/lfs/spice-protocol @@ -24,7 +24,7 @@
include Config
-VER = 0.12.10 +VER = 0.12.11
THISAPP = spice-protocol-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = spice-protocol -PAK_VER = 1 +PAK_VER = 2
DEPS = ""
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 1fb9d0dcdd42dce1b476ae8aa7569bcc +$(DL_FILE)_MD5 = 422bf0bc1eb34c8af3479a78b28e969b
install : $(TARGET)
This is an security update. Recent were 2 serious security vulnerabilities published. This patch update spice to a version which is not vulnerable.
The qemu version is pushed to deliver a qemu which is linked against the non vulnerable version.
Changelog:
Changes in 0.12.8: ================== * Fixes for CVE-2016-0749 and CVE-2016-2150
Changes in 0.12.7: ================== * spice-server will now send TCP keepalive probes on the TCP connections it uses. This can prevent unwanted idle disconnections if proxies are used between the client and the host. * Fix important memory usage when the webdav channel is used * Do not disconnect when the client requests an unsupported compression type * Fix a few race conditions * Fix display glitch when using XSpice * Improve help string for 'replay -s' * Fix crashes in corner cases (buggy spice-html5 + win10, vnc + SPICE port configured, USB webcam redirection over a slow link) * Fix various compilation warning when building on 32 bit machines * Some fixes for big-endian machines, more work is likely to be needed * Do not build static libraries by default, this can be reenabled with --enable-static * Fix small leak in MJPEG code
Signed-off-by: Jonatan Schlag jonatan.schlag@ipfire.org --- config/rootfiles/packages/spice | 2 +- lfs/qemu | 2 +- lfs/spice | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/config/rootfiles/packages/spice b/config/rootfiles/packages/spice index 93d2e9e..91fc0a6 100644 --- a/config/rootfiles/packages/spice +++ b/config/rootfiles/packages/spice @@ -13,5 +13,5 @@ #usr/lib/libspice-server.la #usr/lib/libspice-server.so usr/lib/libspice-server.so.1 -usr/lib/libspice-server.so.1.10.0 +usr/lib/libspice-server.so.1.10.1 #usr/lib/pkgconfig/spice-server.pc diff --git a/lfs/qemu b/lfs/qemu index 62010ee..d494845 100644 --- a/lfs/qemu +++ b/lfs/qemu @@ -33,7 +33,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) SUP_ARCH = i586 x86_64 PROG = qemu -PAK_VER = 20 +PAK_VER = 21
DEPS = "sdl spice"
diff --git a/lfs/spice b/lfs/spice index 415d5aa..80e88dd 100644 --- a/lfs/spice +++ b/lfs/spice @@ -24,7 +24,7 @@
include Config
-VER = 0.12.6 +VER = 0.12.8
THISAPP = spice-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = spice -PAK_VER = 1 +PAK_VER = 2
DEPS = "opus"
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 605a8c8ea80bc95076c4b3539c6dd026 +$(DL_FILE)_MD5 = 376853d11b9921aa34a06c4dbef81874
install : $(TARGET)
This should actually be fixed in qemu without recompiling it. That's why we have shared libraries.
Can you confirm?
-Michael
On Fri, 2016-07-15 at 17:27 +0200, Jonatan Schlag wrote:
This is an security update. Recent were 2 serious security vulnerabilities published. This patch update spice to a version which is not vulnerable.
The qemu version is pushed to deliver a qemu which is linked against the non vulnerable version.
Changelog:
Changes in 0.12.8:
- Fixes for CVE-2016-0749 and CVE-2016-2150
Changes in 0.12.7:
- spice-server will now send TCP keepalive probes on the TCP connections
it uses. This can prevent unwanted idle disconnections if proxies are used between the client and the host.
- Fix important memory usage when the webdav channel is used
- Do not disconnect when the client requests an unsupported compression
type
- Fix a few race conditions
- Fix display glitch when using XSpice
- Improve help string for 'replay -s'
- Fix crashes in corner cases (buggy spice-html5 + win10, vnc + SPICE
port configured, USB webcam redirection over a slow link)
- Fix various compilation warning when building on 32 bit machines
- Some fixes for big-endian machines, more work is likely to be needed
- Do not build static libraries by default, this can be reenabled with
--enable-static
- Fix small leak in MJPEG code
Signed-off-by: Jonatan Schlag jonatan.schlag@ipfire.org
config/rootfiles/packages/spice | 2 +- lfs/qemu | 2 +- lfs/spice | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/config/rootfiles/packages/spice b/config/rootfiles/packages/spice index 93d2e9e..91fc0a6 100644 --- a/config/rootfiles/packages/spice +++ b/config/rootfiles/packages/spice @@ -13,5 +13,5 @@ #usr/lib/libspice-server.la #usr/lib/libspice-server.so usr/lib/libspice-server.so.1 -usr/lib/libspice-server.so.1.10.0 +usr/lib/libspice-server.so.1.10.1 #usr/lib/pkgconfig/spice-server.pc diff --git a/lfs/qemu b/lfs/qemu index 62010ee..d494845 100644 --- a/lfs/qemu +++ b/lfs/qemu @@ -33,7 +33,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) SUP_ARCH = i586 x86_64 PROG = qemu -PAK_VER = 20 +PAK_VER = 21 DEPS = "sdl spice" diff --git a/lfs/spice b/lfs/spice index 415d5aa..80e88dd 100644 --- a/lfs/spice +++ b/lfs/spice @@ -24,7 +24,7 @@ include Config -VER = 0.12.6 +VER = 0.12.8 THISAPP = spice-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = spice -PAK_VER = 1 +PAK_VER = 2 DEPS = "opus" @@ -44,7 +44,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = 605a8c8ea80bc95076c4b3539c6dd026 +$(DL_FILE)_MD5 = 376853d11b9921aa34a06c4dbef81874 install : $(TARGET)
-
Jonatan Schlag -
Michael Tremer