From ab1cfb72283af610213b1e0fbf4d29e5531abc41 Mon Sep 17 00:00:00 2001 From: James Antill Date: Thu, 26 May 2022 14:29:22 -0400 Subject: [PATCH] Auto sync2gitlab import of spice-0.14.3-4.el8.src.rpm --- .gitignore | 3 + ...ve-some-data-to-start-decoding-quic-.patch | 34 ++ ...heck-image-size-in-quic_decode_begin.patch | 48 +++ 0003-quic-Check-RLE-lengths.patch | 35 ++ ...sible-buffer-overflow-in-find_bucket.patch | 35 ++ ...socket-Fix-possible-integer-overflow.patch | 32 ++ ...socket-check-setsockopt-return-value.patch | 41 ++ ....2-disable-client-side-renegotiation.patch | 38 ++ ....1-disable-client-side-renegotiation.patch | 36 ++ EMPTY | 1 - sources | 3 + spice.spec | 393 ++++++++++++++++++ 12 files changed, 698 insertions(+), 1 deletion(-) create mode 100644 .gitignore create mode 100644 0001-quic-Check-we-have-some-data-to-start-decoding-quic-.patch create mode 100644 0002-quic-Check-image-size-in-quic_decode_begin.patch create mode 100644 0003-quic-Check-RLE-lengths.patch create mode 100644 0004-quic-Avoid-possible-buffer-overflow-in-find_bucket.patch create mode 100644 0005-websocket-Fix-possible-integer-overflow.patch create mode 100644 0006-test-websocket-check-setsockopt-return-value.patch create mode 100644 0007-OpenSSL-1.0.2-disable-client-side-renegotiation.patch create mode 100644 0008-OpenSSL-1.1-disable-client-side-renegotiation.patch delete mode 100644 EMPTY create mode 100644 sources create mode 100644 spice.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..61247ed --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +/spice-0.14.3.tar.bz2 +/spice-0.14.3.tar.bz2.sig +/victortoso-E37A484F.keyring diff --git a/0001-quic-Check-we-have-some-data-to-start-decoding-quic-.patch b/0001-quic-Check-we-have-some-data-to-start-decoding-quic-.patch new file mode 100644 index 0000000..896bfbc --- /dev/null +++ b/0001-quic-Check-we-have-some-data-to-start-decoding-quic-.patch @@ -0,0 +1,34 @@ +From d9cc2d4659950df230dfe30e5445b91d4c15604e Mon Sep 17 00:00:00 2001 +From: Frediano Ziglio +Date: Wed, 29 Apr 2020 15:09:13 +0100 +Subject: [PATCH spice-common 1/4] quic: Check we have some data to start + decoding quic image + +All paths already pass some data to quic_decode_begin but for the +test check it, it's not that expensive test. +Checking for not 0 is enough, all other words will potentially be +read calling more_io_words but we need one to avoid a potential +initial buffer overflow or deferencing an invalid pointer. + +Signed-off-by: Frediano Ziglio +Acked-by: Uri Lublin +--- + common/quic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/subprojects/spice-common/common/quic.c b/subprojects/spice-common/common/quic.c +index 55a5d6c..e03f3af 100644 +--- a/subprojects/spice-common/common/quic.c ++++ b/subprojects/spice-common/common/quic.c +@@ -1136,7 +1136,7 @@ int quic_decode_begin(QuicContext *quic, uint32_t *io_ptr, unsigned int num_io_w + int channels; + int bpc; + +- if (!encoder_reset(encoder, io_ptr, io_ptr_end)) { ++ if (!num_io_words || !encoder_reset(encoder, io_ptr, io_ptr_end)) { + return QUIC_ERROR; + } + +-- +2.25.4 + diff --git a/0002-quic-Check-image-size-in-quic_decode_begin.patch b/0002-quic-Check-image-size-in-quic_decode_begin.patch new file mode 100644 index 0000000..ea52954 --- /dev/null +++ b/0002-quic-Check-image-size-in-quic_decode_begin.patch @@ -0,0 +1,48 @@ +From 19cd6fe85610b424349db2d97e2dd0e2761a4a05 Mon Sep 17 00:00:00 2001 +From: Frediano Ziglio +Date: Wed, 29 Apr 2020 15:10:24 +0100 +Subject: [PATCH spice-common 2/4] quic: Check image size in quic_decode_begin + +Avoid some overflow in code due to images too big or +negative numbers. + +Signed-off-by: Frediano Ziglio +Acked-by: Uri Lublin +--- + common/quic.c | 13 +++++++++++++ + 1 file changed, 13 insertions(+) + +diff --git a/subprojects/spice-common/common/quic.c b/subprojects/spice-common/common/quic.c +index e03f3af..890f128 100644 +--- a/subprojects/spice-common/common/quic.c ++++ b/subprojects/spice-common/common/quic.c +@@ -56,6 +56,9 @@ typedef uint8_t BYTE; + #define MINwminext 1 + #define MAXwminext 100000000 + ++/* Maximum image size in pixels, mainly to avoid possible integer overflows */ ++#define SPICE_MAX_IMAGE_SIZE (512 * 1024 * 1024 - 1) ++ + typedef struct QuicFamily { + unsigned int nGRcodewords[MAXNUMCODES]; /* indexed by code number, contains number of + unmodified GR codewords in the code */ +@@ -1165,6 +1168,16 @@ int quic_decode_begin(QuicContext *quic, uint32_t *io_ptr, unsigned int num_io_w + height = encoder->io_word; + decode_eat32bits(encoder); + ++ if (width <= 0 || height <= 0) { ++ encoder->usr->warn(encoder->usr, "invalid size\n"); ++ return QUIC_ERROR; ++ } ++ ++ /* avoid too big images */ ++ if ((uint64_t) width * height > SPICE_MAX_IMAGE_SIZE) { ++ encoder->usr->error(encoder->usr, "image too large\n"); ++ } ++ + quic_image_params(encoder, type, &channels, &bpc); + + if (!encoder_reset_channels(encoder, channels, width, bpc)) { +-- +2.25.4 + diff --git a/0003-quic-Check-RLE-lengths.patch b/0003-quic-Check-RLE-lengths.patch new file mode 100644 index 0000000..aebad02 --- /dev/null +++ b/0003-quic-Check-RLE-lengths.patch @@ -0,0 +1,35 @@ +From d45a4954d73b41a255b8b4ec57c01ae87ec2936e Mon Sep 17 00:00:00 2001 +From: Frediano Ziglio +Date: Wed, 29 Apr 2020 15:11:38 +0100 +Subject: [PATCH spice-common 3/4] quic: Check RLE lengths + +Avoid buffer overflows decoding images. On compression we compute +lengths till end of line so it won't cause regressions. +Proved by fuzzing the code. + +Signed-off-by: Frediano Ziglio +Acked-by: Uri Lublin +--- + common/quic_tmpl.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/subprojects/spice-common/common/quic_tmpl.c b/subprojects/spice-common/common/quic_tmpl.c +index f0a4927..11e09f5 100644 +--- a/subprojects/spice-common/common/quic_tmpl.c ++++ b/subprojects/spice-common/common/quic_tmpl.c +@@ -570,7 +570,11 @@ static void FNAME_DECL(uncompress_row_seg)(const PIXEL * const prev_row, + do_run: + state->waitcnt = stopidx - i; + run_index = i; +- run_end = i + decode_state_run(encoder, state); ++ run_end = decode_state_run(encoder, state); ++ if (run_end < 0 || run_end > (end - i)) { ++ encoder->usr->error(encoder->usr, "wrong RLE\n"); ++ } ++ run_end += i; + + for (; i < run_end; i++) { + UNCOMPRESS_PIX_START(&cur_row[i]); +-- +2.25.4 + diff --git a/0004-quic-Avoid-possible-buffer-overflow-in-find_bucket.patch b/0004-quic-Avoid-possible-buffer-overflow-in-find_bucket.patch new file mode 100644 index 0000000..fbc414c --- /dev/null +++ b/0004-quic-Avoid-possible-buffer-overflow-in-find_bucket.patch @@ -0,0 +1,35 @@ +From 57c6e6b00247ad289a27648213d7ad2306fe3931 Mon Sep 17 00:00:00 2001 +From: Frediano Ziglio +Date: Thu, 30 Apr 2020 10:19:09 +0100 +Subject: [PATCH spice-common 4/4] quic: Avoid possible buffer overflow in + find_bucket + +Proved by fuzzing the code. + +Signed-off-by: Frediano Ziglio +Acked-by: Uri Lublin +--- + common/quic_family_tmpl.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/subprojects/spice-common/common/quic_family_tmpl.c b/subprojects/spice-common/common/quic_family_tmpl.c +index 8a5f7d2..6cc051b 100644 +--- a/subprojects/spice-common/common/quic_family_tmpl.c ++++ b/subprojects/spice-common/common/quic_family_tmpl.c +@@ -103,7 +103,12 @@ static s_bucket *FNAME(find_bucket)(Channel *channel, const unsigned int val) + spice_assert(val < (0x1U << BPC)); + } + +- return channel->_buckets_ptrs[val]; ++ /* The and (&) here is to avoid buffer overflows in case of garbage or malicious ++ * attempts. Is much faster then using comparisons and save us from such situations. ++ * Note that on normal build the check above won't be compiled as this code path ++ * is pretty hot and would cause speed regressions. ++ */ ++ return channel->_buckets_ptrs[val & ((1U << BPC) - 1)]; + } + + #undef FNAME +-- +2.25.4 + diff --git a/0005-websocket-Fix-possible-integer-overflow.patch b/0005-websocket-Fix-possible-integer-overflow.patch new file mode 100644 index 0000000..cbb2b1c --- /dev/null +++ b/0005-websocket-Fix-possible-integer-overflow.patch @@ -0,0 +1,32 @@ +From b8f4d7d2c7a3d08a82f4bc7588cdff15cee54292 Mon Sep 17 00:00:00 2001 +From: Frediano Ziglio +Date: Tue, 16 Jun 2020 11:49:19 +0100 +Subject: [PATCH] websocket: Fix possible integer overflow + +The shift of a uint_8 number by a number > 32 causes an overflow. + +Signed-off-by: Frediano Ziglio +Acked-by: Uri Lublin +--- + server/websocket.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/server/websocket.c b/server/websocket.c +index f5df63f8..82b20b49 100644 +--- a/server/websocket.c ++++ b/server/websocket.c +@@ -165,8 +165,9 @@ static uint64_t extract_length(const uint8_t *buf, int *used) + case LENGTH_64BIT: + *used += 8; + outlen = 0; +- for (i = 56; i >= 0; i -= 8) { +- outlen |= (*buf++) << i; ++ for (i = 0; i < 8; ++i) { ++ outlen <<= 8; ++ outlen |= *buf++; + } + break; + +-- +2.26.2 + diff --git a/0006-test-websocket-check-setsockopt-return-value.patch b/0006-test-websocket-check-setsockopt-return-value.patch new file mode 100644 index 0000000..7095610 --- /dev/null +++ b/0006-test-websocket-check-setsockopt-return-value.patch @@ -0,0 +1,41 @@ +From 954eabaeb76a0f93a32210b6bf63157ad2c0fb22 Mon Sep 17 00:00:00 2001 +From: Uri Lublin +Date: Wed, 17 Jun 2020 11:52:05 +0300 +Subject: [PATCH] test-websocket: check setsockopt return value + +Acked-by: Frediano Ziglio +--- + server/tests/test-websocket.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/server/tests/test-websocket.c b/server/tests/test-websocket.c +index 2115411e..701f5408 100644 +--- a/server/tests/test-websocket.c ++++ b/server/tests/test-websocket.c +@@ -146,7 +146,10 @@ main(int argc, char **argv) + } + + int enable = 1; +- setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &enable, sizeof(enable)); ++ if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, ++ (const void *) &enable, sizeof(enable)) < 0) { ++ err(1, "setsockopt reuseaddr"); ++ } + + if (non_blocking) { + red_socket_set_non_blocking(sock, true); +@@ -200,7 +203,10 @@ handle_client(int new_sock) + } + + int enable = 1; +- setsockopt(new_sock, SOL_TCP, TCP_NODELAY, (const void *) &enable, sizeof(enable)); ++ if (setsockopt(new_sock, SOL_TCP, TCP_NODELAY, ++ (const void *) &enable, sizeof(enable)) < 0) { ++ err(1, "setsockopt nodelay"); ++ } + + // wait header + wait_for(new_sock, POLLIN); +-- +2.26.2 + diff --git a/0007-OpenSSL-1.0.2-disable-client-side-renegotiation.patch b/0007-OpenSSL-1.0.2-disable-client-side-renegotiation.patch new file mode 100644 index 0000000..96d6f4f --- /dev/null +++ b/0007-OpenSSL-1.0.2-disable-client-side-renegotiation.patch @@ -0,0 +1,38 @@ +From 95a0cfac8a1c8eff50f05e65df945da3bb501fc9 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Julien=20Rop=C3=A9?= +Date: Thu, 3 Dec 2020 09:33:48 +0100 +Subject: [PATCH] With OpenSSL 1.0.2 and earlier: disable client-side + renegotiation. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Fixed issue #49 +Fixes BZ#1904459 + +Signed-off-by: Julien Ropé +Reported-by: BlackKD +Acked-by: Frediano Ziglio +--- + server/red-stream.cpp | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/server/red-stream.cpp b/server/red-stream.cpp +index 420433bd..c1f0f00c 100644 +--- a/server/red-stream.c ++++ b/server/red-stream.c +@@ -523,6 +523,11 @@ RedStreamSslStatus red_stream_ssl_accept(RedStream *stream) + return RED_STREAM_SSL_STATUS_OK; + } + ++#ifndef SSL_OP_NO_RENEGOTIATION ++ // With OpenSSL 1.0.2 and earlier: disable client-side renogotiation ++ stream->priv->ssl->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS; ++#endif ++ + ssl_error = SSL_get_error(stream->priv->ssl, return_code); + if (return_code == -1 && (ssl_error == SSL_ERROR_WANT_READ || + ssl_error == SSL_ERROR_WANT_WRITE)) { +-- +2.29.2 + diff --git a/0008-OpenSSL-1.1-disable-client-side-renegotiation.patch b/0008-OpenSSL-1.1-disable-client-side-renegotiation.patch new file mode 100644 index 0000000..cfd6cd1 --- /dev/null +++ b/0008-OpenSSL-1.1-disable-client-side-renegotiation.patch @@ -0,0 +1,36 @@ +From ca5bbc5692e052159bce1a75f55dc60b36078749 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Julien=20Rop=C3=A9?= +Date: Wed, 2 Dec 2020 13:39:27 +0100 +Subject: [PATCH 1/2] With OpenSSL 1.1: Disable client-initiated renegotiation. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Fixes issue #49 +Fixes BZ#1904459 + +Signed-off-by: Julien Ropé +Reported-by: BlackKD +Acked-by: Frediano Ziglio +--- + server/reds.cpp | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/server/reds.cpp b/server/reds.cpp +index fe69508e..f61086cb 100644 +--- a/server/reds.c ++++ b/server/reds.c +@@ -2862,6 +2862,10 @@ static int reds_init_ssl(RedsState *reds) + * When some other SSL/TLS version becomes obsolete, add it to this + * variable. */ + long ssl_options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION | SSL_OP_NO_TLSv1; ++#ifdef SSL_OP_NO_RENEGOTIATION ++ // With OpenSSL 1.1: Disable all renegotiation in TLSv1.2 and earlier ++ ssl_options |= SSL_OP_NO_RENEGOTIATION; ++#endif + + /* Global system initialization*/ + openssl_global_init(); +-- +2.29.2 + diff --git a/EMPTY b/EMPTY deleted file mode 100644 index 0519ecb..0000000 --- a/EMPTY +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/sources b/sources new file mode 100644 index 0000000..87f5075 --- /dev/null +++ b/sources @@ -0,0 +1,3 @@ +SHA512 (spice-0.14.3.tar.bz2) = 9ecdc455ff25c71ac1fe6c576654b51efbfb860110bd6828065d23f7462d5c5cac772074d1a40f033386258d970b77275b2007bcfdffb23fdff2137154ea46e4 +SHA512 (spice-0.14.3.tar.bz2.sig) = 1f1fadebe7b4ecedcc98b6c622d83a39e7cbd6e67699dfde0ed6c3f443ef228578c16e409e2b6d0ef4e2d2b3d54b1d5c1798ac7817db50902a03cc323ba24181 +SHA512 (victortoso-E37A484F.keyring) = 091755da8a358c8c8ebd3b5443b4b5eb3c260afed943454c085d48c973de6a42763547c321c64e4da5c1b2983ad0c5146aaeddeb1d54ef414f7e6a530a3bf14a diff --git a/spice.spec b/spice.spec new file mode 100644 index 0000000..f1c1dd8 --- /dev/null +++ b/spice.spec @@ -0,0 +1,393 @@ +Name: spice +Version: 0.14.3 +Release: 4%{?dist} +Summary: Implements the SPICE protocol +Group: User Interface/Desktops +License: LGPLv2+ +URL: https://www.spice-space.org/ +Source0: https://www.spice-space.org/download/releases/%{name}-%{version}.tar.bz2 +Source1: https://www.spice-space.org/download/releases/%{name}-%{version}.tar.bz2.sig +Source2: victortoso-E37A484F.keyring +Patch1: 0001-quic-Check-we-have-some-data-to-start-decoding-quic-.patch +Patch2: 0002-quic-Check-image-size-in-quic_decode_begin.patch +Patch3: 0003-quic-Check-RLE-lengths.patch +Patch4: 0004-quic-Avoid-possible-buffer-overflow-in-find_bucket.patch + +Patch5: 0005-websocket-Fix-possible-integer-overflow.patch +Patch6: 0006-test-websocket-check-setsockopt-return-value.patch +Patch7: 0007-OpenSSL-1.0.2-disable-client-side-renegotiation.patch +Patch8: 0008-OpenSSL-1.1-disable-client-side-renegotiation.patch + +# https://bugzilla.redhat.com/show_bug.cgi?id=613529 +%if 0%{?rhel} && 0%{?rhel} <= 7 +ExclusiveArch: x86_64 +%else +ExclusiveArch: %{ix86} x86_64 %{arm} aarch64 +%endif + +BuildRequires: pkgconfig +BuildRequires: glib2-devel >= 2.38 +BuildRequires: spice-protocol >= 0.14.0 +BuildRequires: celt051-devel +BuildRequires: opus-devel +BuildRequires: pixman-devel openssl-devel libjpeg-devel +BuildRequires: libcacard-devel cyrus-sasl-devel +BuildRequires: lz4-devel +BuildRequires: gstreamer1-devel gstreamer1-plugins-base-devel +BuildRequires: orc-devel +BuildRequires: gnupg2 +BuildRequires: git-core +BuildRequires: python3-devel +BuildRequires: python3-pyparsing python3-six + +%description +The Simple Protocol for Independent Computing Environments (SPICE) is +a remote display system built for virtual environments which allows +you to view a computing 'desktop' environment not only on the machine +where it is running, but from anywhere on the Internet and from a wide +variety of machine architectures. + + +%package server +Summary: Implements the server side of the SPICE protocol +Group: System Environment/Libraries + +%description server +The Simple Protocol for Independent Computing Environments (SPICE) is +a remote display system built for virtual environments which allows +you to view a computing 'desktop' environment not only on the machine +where it is running, but from anywhere on the Internet and from a wide +variety of machine architectures. + +This package contains the run-time libraries for any application that wishes +to be a SPICE server. + + +%package server-devel +Summary: Header files, libraries and development documentation for spice-server +Group: Development/Libraries +Requires: %{name}-server%{?_isa} = %{version}-%{release} +Requires: pkgconfig + +%description server-devel +This package contains the header files, static libraries and development +documentation for spice-server. If you like to develop programs +using spice-server, you will need to install spice-server-devel. + + +%prep +gpgv2 --quiet --keyring %{SOURCE2} %{SOURCE1} %{SOURCE0} +%autosetup -S git_am + + +%build +%define configure_client --disable-client +%configure \ + --enable-smartcard \ + --disable-client \ + --enable-lz4 \ + --enable-celt051 \ + --enable-gstreamer=1.0 +make %{?_smp_mflags} WARN_CFLAGS='' V=1 + + +%install +make DESTDIR=%{buildroot} install +rm -f %{buildroot}%{_libdir}/libspice-server.a +rm -f %{buildroot}%{_libdir}/libspice-server.la +mkdir -p %{buildroot}%{_libexecdir} + + +%ldconfig_scriptlets server + + +%files server +%{!?_licensedir:%global license %%doc} +%license COPYING +%doc README CHANGELOG.md +%{_libdir}/libspice-server.so.1* + +%files server-devel +%{_includedir}/spice-server +%{_libdir}/libspice-server.so +%{_libdir}/pkgconfig/spice-server.pc + + +%changelog +* Tue Jan 19 2021 Julien Ropé - 0.14.3-4 +- Disable client-side renegotiation to prevent potential DoS + Resolves: rhbz#1904459 + +* Wed Jun 17 2020 Uri Lublin - 0.14.3-3 +- Fix some static analyzer issues +- Removed Obsoletes line for spice-client + Related: rhbz#1840240 + +* Mon Jun 1 2020 Frediano Ziglio - 0.14.3-2 +- Fix multiple buffer overflows in QUIC decoding code + Resolves: rhbz#1829946 + +* Thu May 28 2020 Frediano Ziglio - 0.14.3-1 +- Update to 0.14.3 + Revolves: rhbz#1840240 + +* Fri May 17 2019 Victor Toso - 0.14.2-1 +- Update to 0.14.2 + Resolves: rhbz#1562123 + +* Fri May 10 2019 Victor Toso - 0.14.0-8 +- Fix builds on 8.1.0 branch +- Fix gating test (add bug) + Resolves: rhbz#1686518 + +* Tue Dec 18 2018 Christophe Fergeau - 0.14.0-7 +- Fix off-by-one error during guest-to-host memory address conversion + Resolves: CVE-2019-3813 + +* Fri Aug 17 2018 Frediano Ziglio - 0.14.0-6 +- Fix flexible array buffer overflow + Resolves: rhbz#1618555 + +* Mon Aug 13 2018 Victor Toso - 0.14.0-5 +- Include python3-devel to not fail on rhel-8.0 builds +- Resolves: rhbz#1615570 + +* Fri Feb 09 2018 Fedora Release Engineering - 0.14.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Sat Feb 03 2018 Igor Gnatenko - 0.14.0-3 +- Switch to %%ldconfig_scriptlets + +* Wed Nov 08 2017 Merlin Mathesius - 0.14.0-2 +- Cleanup spec file conditionals + +* Wed Oct 11 2017 Christophe Fergeau - 0.14.0-1 +- Update to new stable release + +* Tue Sep 26 2017 Christophe Fergeau - 0.13.91-1 +- Update to latest upstream release + +* Thu Aug 24 2017 Christophe Fergeau - 0.13.90-3 +- Add missing (new) BuildRequires, remove obsolete one + +* Thu Aug 03 2017 Fedora Release Engineering - 0.13.90-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Christophe Fergeau 0.13.90-1 +- Update to latest upstream release (0.13.90) + +* Mon Feb 06 2017 Christophe Fergeau 0.13.3-2 +- Add upstream patches fixing CVE-2016-9577 and CVE-2016-9578 + +* Mon Nov 21 2016 Christophe Fergeau 0.13.3-1 +- Update to spice 0.13.3 + +* Fri Aug 05 2016 Christophe Fergeau - 0.13.2-1 +- Update to spice 0.13.2 + +* Tue Jun 14 2016 Peter Robinson 0.13.1-2 +- Use %%license +- Build on aarch64 + +* Wed Apr 13 2016 Christophe Fergeau 0.13.1-1 +- Update to 0.13.1 release. This is a development release, but by the + time Fedora 25 gets released, a stable 0.14.0 should be released. + +* Fri Feb 05 2016 Fedora Release Engineering - 0.12.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Tue Oct 06 2015 Christophe Fergeau 0.12.6-1 +- Update to new 0.12.6 upstream release + +* Wed Jul 29 2015 Christophe Fergeau 0.12.5-9 +- Drop patch added in previous build which is no longer needed with + spice-protocol 0.12.9 (and actually is actually breaking QEMU compilation + without an additional patch) + +* Fri Jul 03 2015 Christophe Fergeau 0.12.5-8 +- Add upstream patch avoiding a regression in spice-protocol 0.12.8 which + breaks SPICE support in QEMU + +* Thu Jul 02 2015 Christophe Fergeau 0.12.5-7 +- Fix migration race condition which causes a crash when triggered + Resolves: rhbz#1238212 + +* Fri Jun 19 2015 Fedora Release Engineering - 0.12.5-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Mon Aug 25 2014 Christophe Fergeau 0.12.5-5 +- Fix advertised sound playback/recording rates in public headers + Resolves: rhbz#1129961 (QEMU would need a rebuild though) + +* Mon Aug 18 2014 Fedora Release Engineering - 0.12.5-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sun Jun 08 2014 Fedora Release Engineering - 0.12.5-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Mon May 19 2014 Christophe Fergeau 0.12.5-2 +- Add missing BuildRequires in order to enable Opus support + +* Mon May 19 2014 Christophe Fergeau 0.12.5-1 +- Update to new 0.12.5 release + +* Wed Oct 30 2013 Christophe Fergeau 0.12.4-3 +- Add patch fixing CVE-2013-4282 + +* Fri Sep 13 2013 Christophe Fergeau 0.12.4-2 +- Add upstream patch fixing rhbz#995041 + +* Fri Aug 2 2013 Hans de Goede - 0.12.4-1 +- New upstream bug-fix release 0.12.4 +- Add patches from upstream git to fix sound-channel-free crash (rhbz#986407) +- Add Obsoletes for dropped spice-client sub-package + +* Thu May 23 2013 Christophe Fergeau 0.12.3-2 +- Stop building spicec, it's obsolete and superseded by remote-viewer + (part of virt-viewer) + +* Tue May 21 2013 Christophe Fergeau 0.12.3-1 +- New upstream release 0.12.3 +- Drop all patches (they were all upstreamed) + +* Mon Apr 15 2013 Hans de Goede - 0.12.2-4 +- Add fix from upstream for a crash when the guest uses RGBA (rhbz#952242) + +* Thu Mar 07 2013 Adam Jackson 0.12.2-4 +- Rebuild for new libsasl2 soname in F19 + +* Mon Jan 21 2013 Hans de Goede - 0.12.2-3 +- Add a number of misc. bug-fixes from upstream + +* Fri Dec 21 2012 Adam Tkac - 0.12.2-2 +- rebuild against new libjpeg + +* Thu Dec 20 2012 Hans de Goede - 0.12.2-1 +- New upstream release 0.12.2 + +* Fri Sep 28 2012 Hans de Goede - 0.12.0-1 +- New upstream release 0.12.0 +- Some minor spec file cleanups +- Enable building on arm + +* Thu Sep 6 2012 Soren Sandmann - 0.11.3-1 +- BuildRequire pyparsing + +* Thu Sep 6 2012 Soren Sandmann - 0.11.3-1 +- Add capability patches +- Add capability patches to the included copy of spice-protocol + + Please see the comment above Patch6 and Patch7 + regarding this situation. + +* Thu Sep 6 2012 Soren Sandmann - 0.11.3-1 +- Update to 0.11.3 and drop upstreamed patches +- BuildRequire spice-protocol 0.12.1 + +* Sat Jul 21 2012 Fedora Release Engineering - 0.10.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Mon May 14 2012 Alon Levy +- Fix mjpeg memory leak and bad behavior. +- Add usbredir to list of channels for security purposes. (#819484) + +* Sun May 13 2012 Alon Levy +- Add double free fix. (#808936) + +* Tue Apr 24 2012 Alon Levy +- Add 32 bit fixes from git master. (#815717) + +* Tue Feb 28 2012 Fedora Release Engineering - 0.10.1-2 +- Rebuilt for c++ ABI breakage + +* Mon Jan 23 2012 Hans de Goede - 0.10.1-1 +- New upstream release 0.10.1 + +* Sat Jan 14 2012 Fedora Release Engineering - 0.10.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Thu Nov 10 2011 Alon Levy - 0.10.0-1 +- New upstream release 0.10.0 +- support spice-server.i686 + +* Wed Sep 28 2011 Marc-André Lureau - 0.9.1-2 +- Provides spice-xpi-client alternative in spice-client + +* Thu Aug 25 2011 Hans de Goede - 0.9.1-1 +- New upstream release 0.9.1 + +* Mon Jul 25 2011 Marc-André Lureau - 0.9.0-1 +- New upstream release 0.9.0 + +* Wed Apr 20 2011 Hans de Goede - 0.8.1-1 +- New upstream release 0.8.1 + +* Fri Mar 11 2011 Hans de Goede - 0.8.0-2 +- Fix being unable to send ctrl+alt+key when release mouse is bound to + ctrl+alt (which can happen when used from RHEV-M) + +* Tue Mar 1 2011 Hans de Goede - 0.8.0-1 +- New upstream release 0.8.0 + +* Fri Feb 11 2011 Hans de Goede - 0.7.3-1 +- New upstream release 0.7.3 + +* Wed Feb 09 2011 Fedora Release Engineering - 0.7.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Jan 19 2011 Hans de Goede - 0.7.2-1 +- New upstream release 0.7.2 + +* Fri Dec 17 2010 Hans de Goede - 0.7.1-1 +- New upstream release 0.7.1 +- Drop all patches (all upstreamed) +- Enable smartcard (CAC) support + +* Wed Nov 17 2010 Hans de Goede - 0.6.3-4 +- Fix the info layer not showing when used through the XPI +- Do not let the connection gui flash by when a hostname has been specified + on the cmdline +- Fix spice client locking up when dealing with XIM input (#654265) +- Fix modifier keys getting stuck (#655048) +- Fix spice client crashing when dealing with XIM ibus input (#655836) +- Fix spice client only showing a white screen in full screen mode + +* Sat Nov 6 2010 Hans de Goede - 0.6.3-3 +- Log to ~/.spicec/cegui.log rather then to CEGUI.log in the cwd, this + fixes spicec from aborting when run in a non writable dir (#650253) + +* Fri Nov 5 2010 Hans de Goede - 0.6.3-2 +- Various bugfixes from upstream git: + - Make spicec work together with the Firefox XPI for RHEV-M + - Make sure the spicec window gets properly raised when first shown + +* Mon Oct 18 2010 Hans de Goede - 0.6.3-1 +- Update to 0.6.3 +- Enable GUI + +* Thu Sep 30 2010 Gerd Hoffmann - 0.6.1-1 +- Update to 0.6.1. + +* Tue Aug 31 2010 Alexander Larsson - 0.6.0-1 +- Update to 0.6.0 (stable release) + +* Tue Jul 20 2010 Alexander Larsson - 0.5.3-1 +- Update to 0.5.3 + +* Tue Jul 13 2010 Gerd Hoffmann - 0.5.2-4 +- Quote %% in changelog to avoid macro expansion. + +* Mon Jul 12 2010 Gerd Hoffmann - 0.5.2-3 +- %%configure handles CFLAGS automatically, no need to fiddle + with %%{optflags} manually. + +* Mon Jul 12 2010 Gerd Hoffmann - 0.5.2-2 +- Fix license: LGPL. +- Cleanup specfile, drop bits not needed any more with + recent rpm versions (F13+). +- Use optflags as-is. +- + +* Fri Jul 9 2010 Gerd Hoffmann - 0.5.2-1 +- initial package. +