- Issued:
- 2015-07-22
- Updated:
- 2015-07-22
RHBA-2015:1394 - spice-server bug fix update
Synopsis
spice-server bug fix update
Type/Severity
Bug Fix Advisory
Topic
Updated spice-server packages that fix two bugs are now available for Red Hat Enterprise Linux 6.
Description
The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors.
This update fixes the following bugs:
-
Prior to this update, when using the "rhel6.0.0" Quick Emulator (QEMU) machine type, the guest could receive invalid drawing commands. Consequently, spice-server terminated unexpectedly. With this update, spice-server detects these invalid drawing commands and ignores them. As a result, spice-server no longer crashes when using the "rhel6.0.0" QEMU machine type. (BZ#1135372)
-
Previously, when using a client with the spice-gtk package version 0.12 or earlier, spice-server did not correctly handle resetting a guest. Consequently, spice-server could terminate unexpectedly with a segmentation fault when resetting a guest. With this update, spice-server properly handles a NULL pointer dereference in the code that handles the spice agent channel, thus avoiding the segmentation fault. As a result, spice-server no longer crashes in this situation. (BZ#1163480)
Users of spice-server are advised to upgrade to these updated packages, which fix these bugs.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Scientific Computing | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | x86_64 |
| Red Hat Enterprise Linux Server | 6 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Retired Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | x86_64 |
| Red Hat Enterprise Linux Desktop | 6 | x86_64 |
Updated Packages
- spice-server-debuginfo-0.12.4-12.el6.x86_64.rpm
- spice-server-0.12.4-12.el6.x86_64.rpm
- spice-server-0.12.4-12.el6.src.rpm
- spice-server-devel-0.12.4-12.el6.x86_64.rpm
Fixes
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at Security Contacts and Procedures.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.