此内容没有您所选择的语言版本。

7.234. spice-server


Updated spice-server packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors.

Note

The spice-server package has been upgraded to upstream version 0.12.0, which provides a number of bug fixes and enhancements over the previous version. (BZ#842353)

Bug Fixes

BZ#787694
Previously, when the "-spice" command line option of the qemu-kvm command contained invalid parameters, the SPICE server terminated unexpectedly. This behavior has been modified, and SPICE server now returns a proper error value when incorrect parameters are passed.
BZ#824384
Previously, resolution changes run in a loop on a guest virtual machine led the qemu-kvm process to fail with the SIGABRT signal. This was caused by calling the ring _remove() function twice by the red_worker script. This bug has been fixed, and qemu-kvm no longer crashes in the described case.
BZ#864982
Previously, non-RGB images with masks were omitted when rendering the guest user interface with the spice-server package. Consequently, certain icons were rendered incorrectly. This bug has been fixed, and the rendering errors no longer occur.
BZ#876685
Using the LZ compression for server self-created images resulted in incorrect stride values, which caused SPICE server to abort. With this update, the LZ compression is no longer used for these images to prevent SPICE server termination.
BZ#881980
Previously, messages from a client to the spice-vdagent agent were received by SPICE server, even after the agent had already disconnected from the server. These messages were mishandled and in certain circumstances could cause SPICE server to terminate unexpectedly. Now, these messages are dropped by the server, thus preventing this bug.
BZ#891326
When trying to change the settings of the "3D Flying Objects" screen saver, SPICE server was forced to access already freed pointers. Consequently, SPICE server terminated unexpectedly with a segmentation fault. With this update, the sequence of operations has been reordered to prevent the segmentation fault.

Enhancements

BZ#836123
With this update, a seamless migration of the SPICE server has been enabled to ensure the full data transfer. This change required modifications in the QUEMU emulator and the libvirt library. The "seamless-migration=on" argument has been added to SPICE's QUEMU arguments. In case this argument is not set, SPICE returns to the old migration pathway.
BZ#842310
This update adds support for multiple monitors and arbitrary screen resolutions.
All users of spice-server are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.
An updated spice-server package that fixes one security issue is now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link associated with the description below.
The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors.

Security Fix

CVE-2013-4282
A stack-based buffer overflow flaw was found in the way the reds_handle_ticket() function in the spice-server library handled decryption of ticket data provided by the client. A remote user able to initiate a SPICE connection to an application acting as a SPICE server could use this flaw to crash the application.
This issue was discovered by Tomas Jamrisko of Red Hat.
All spice-server users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
Red Hat logoGithubRedditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

© 2024 Red Hat, Inc.