このコンテンツは選択した言語では利用できません。

7.234. spice-server


Updated spice-server packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors.

Note

The spice-server package has been upgraded to upstream version 0.12.0, which provides a number of bug fixes and enhancements over the previous version. (BZ#842353)

Bug Fixes

BZ#787694
Previously, when the "-spice" command line option of the qemu-kvm command contained invalid parameters, the SPICE server terminated unexpectedly. This behavior has been modified, and SPICE server now returns a proper error value when incorrect parameters are passed.
BZ#824384
Previously, resolution changes run in a loop on a guest virtual machine led the qemu-kvm process to fail with the SIGABRT signal. This was caused by calling the ring _remove() function twice by the red_worker script. This bug has been fixed, and qemu-kvm no longer crashes in the described case.
BZ#864982
Previously, non-RGB images with masks were omitted when rendering the guest user interface with the spice-server package. Consequently, certain icons were rendered incorrectly. This bug has been fixed, and the rendering errors no longer occur.
BZ#876685
Using the LZ compression for server self-created images resulted in incorrect stride values, which caused SPICE server to abort. With this update, the LZ compression is no longer used for these images to prevent SPICE server termination.
BZ#881980
Previously, messages from a client to the spice-vdagent agent were received by SPICE server, even after the agent had already disconnected from the server. These messages were mishandled and in certain circumstances could cause SPICE server to terminate unexpectedly. Now, these messages are dropped by the server, thus preventing this bug.
BZ#891326
When trying to change the settings of the "3D Flying Objects" screen saver, SPICE server was forced to access already freed pointers. Consequently, SPICE server terminated unexpectedly with a segmentation fault. With this update, the sequence of operations has been reordered to prevent the segmentation fault.

Enhancements

BZ#836123
With this update, a seamless migration of the SPICE server has been enabled to ensure the full data transfer. This change required modifications in the QUEMU emulator and the libvirt library. The "seamless-migration=on" argument has been added to SPICE's QUEMU arguments. In case this argument is not set, SPICE returns to the old migration pathway.
BZ#842310
This update adds support for multiple monitors and arbitrary screen resolutions.
All users of spice-server are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.
An updated spice-server package that fixes one security issue is now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link associated with the description below.
The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors.

Security Fix

CVE-2013-4282
A stack-based buffer overflow flaw was found in the way the reds_handle_ticket() function in the spice-server library handled decryption of ticket data provided by the client. A remote user able to initiate a SPICE connection to an application acting as a SPICE server could use this flaw to crash the application.
This issue was discovered by Tomas Jamrisko of Red Hat.
All spice-server users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
Red Hat logoGithubRedditYoutubeTwitter

詳細情報

試用、購入および販売

コミュニティー

Red Hat ドキュメントについて

Red Hat をお使いのお客様が、信頼できるコンテンツが含まれている製品やサービスを活用することで、イノベーションを行い、目標を達成できるようにします。

多様性を受け入れるオープンソースの強化

Red Hat では、コード、ドキュメント、Web プロパティーにおける配慮に欠ける用語の置き換えに取り組んでいます。このような変更は、段階的に実施される予定です。詳細情報: Red Hat ブログ.

会社概要

Red Hat は、企業がコアとなるデータセンターからネットワークエッジに至るまで、各種プラットフォームや環境全体で作業を簡素化できるように、強化されたソリューションを提供しています。

© 2024 Red Hat, Inc.