Commit Graph

33 Commits

Author SHA1 Message Date
Peter Marko 604a54d742 spice: set CVE-2016-2150 status to fixed
Debian has fixed this CVE with [1].
That patch is taken from [2].

.../tmp/work/core2-64-poky-linux/spice/0.15.2/git$ git describe 69628ea13
v0.13.1-190-g69628ea1
.../tmp/work/core2-64-poky-linux/spice/0.15.2/git$ git tag --contains 69628ea13
v0.13.2

[1] https://sources.debian.org/patches/spice/0.12.5-1%2Bdeb8u5/CVE-2016-2150/0002-improve-primary-surface-parameter-checks.patch/
[2] https://gitlab.freedesktop.org/spice/spice/-/commit/69628ea1375282cb7ca5b4dc4410e7aa67e0fc02

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e44f3251b5)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-03-24 08:52:04 +05:30
Peter Marko bc575f49a2 spice: ignore CVE-2016-0749
NVD tracks this as version-less CVE for spice.
It was fixed by [1] and [2] included in 0.13.2.

[1] https://gitlab.freedesktop.org/spice/spice/-/commit/6b32af3e1746988bb5a5123263bcf61b65e5be7e
[2] https://gitlab.freedesktop.org/spice/spice/-/commit/359ac42a7ac02dcd1013757559292006647cd5c4

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 073e845274)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
2026-03-24 08:52:04 +05:30
Markus Volk 94b6de1cbc spice: Set meson version based on PV
This fixes:
| Dependency spice-server found: NO found UNKNOWN but need: '>=0.14.0'
| Run-time dependency spice-server found: NO
|
| ../qemu-8.1.2/meson.build:1038:10: ERROR: Dependency lookup for spice-server
with method 'pkgconfig' failed: Invalid version, need 'spice-server'
['>=0.14.0'] found 'UNKNOWN'.

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-11-29 23:40:10 -08:00
Markus Volk 1bc98e3643 spice: add missing dependency on orc
this fixes:
meson.build:139:23: ERROR: Dependency "orc-0.4" not found, tried pkgconfig

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Acked-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-08-30 14:45:47 -07:00
Markus Volk 9320d33900 spice: upgrade 0.14.2 -> 0.15.2
-switch to meson buildsystem
-remove patches
-update dependencies
-fetch spice-common as a submodule

Major Changes in 0.15.2:
Really minor fix release, mainly to fix a distribution issue

Add missing file to distribution
Fix sound recording fix in case of buffer wrapping

Major Changes in 0.15.1:

Fix some compatibility issues with FreeBSD
Fix some minor issue with build
Improve packaging with Meson
Lot of C++ improves (clang-tidy)
Fix some compatibility with no-Glibc libraries (like Musl)
Fix minor leaks shutting down library
Add Doxygen file to distribution
Fix a longstanding issue related to surface updates where wrong surfaces were possibly used
Fix compatibility with OpenSSL 3
Updates and fixes for CI
Use more random connection IDs to fix possible issues with proxies

Major Changes in 0.15:
This is the first release in the new 0.15.x stable series. This release should
be ready for production use.

Minor updates to CI
Some compatibility with OpenSSL
Change the behavior of handle_dev_start ignoring multiple start requests
Ignore multiple calls to handle_dev_stop
Pick up newer spice-common to fix a buffer overflow issue

Major Changes in 0.14.91:
IMPORTANT
0.14.91 is the first release candidate for the stable 0.15.x series. While some
bugs might still be present, it should be reasonably stable. If you are looking
for stability for daily use, please keep using the latest 0.14.x release.

Support UNIX abstract sockets
Fix some potential thread race condition in RedClient
Many cleanups in the code
Improve migration test script
Update in protocol documentation
Improve Meson build
Removed CELT support
Update CI
Removed QXLWorker definition, it was deprecated 6 years ago
Fix some compatibility with MacOS
Fix some compatibility with Windows
Move the project to C++
Some fixes for SASL dealing with WebDAV
Fix minor Coverity reports
Add Doxygen support, manually built with "make doxy"
Support more mouse buttons (up to 16 buttons)
CVE-2020-14355 multiple buffer overflow vulnerabilities in QUIC decoding
code

Major Changes in 0.14.3:
Main changes are WebSocket and support for Windows.

Add support for WebSocket, this will allow to use spice-html5 without proxy
Support Windows, now Qemu Windows can be build enabling Spice
Fix some alignment problem
Converted some documentation to Asciidoc format to make easier to update,
updated some
Minor compatibility fix for PPC64EL and ARMHF
Minor fixes for big endian machines like MIPS
Avoid some crashes with some buggy guest drivers, simply ignore the invalid
request
Fix for old OpenSSL versions
Minor fix for Windows clients and brushes, fixed an issue with Photoshop
under Windows 7
Add ability to query video-codecs
Small use-after-free fix
Fix for debugging recording/replaying using QUIC images
Fix a regression where spice reported no monitors to the client
Fix DoS in spicevmc if WebDAV used
Updated and improved test migration script
Some minor fixes to smartcard support
Avoid possible disconnection using proxies using a in-flow keepalive
mechanism

Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-08-26 17:32:44 -07:00
Andrej Valek 8af2f17a6f cve_check: convert CVE_CHECK_IGNORE to CVE_STATUS
- Try to add convert and apply statuses for old CVEs
- Drop some obsolete ignores, while they are not relevant for current
  version

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2023-07-27 08:54:40 -07:00
Fabio Estevam 022e65ccd4 spice: Include aarch64 to COMPATIBLE_HOST
Allow spice to be built on ARM64 as well, so add aarch64
entry to COMPATIBLE_HOST.

Signed-off-by: Fabio Estevam <festevam@denx.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-10-10 13:53:51 -07:00
Davide Gardenal dd25c78889 spice: ignore patched CVEs
The following CVEs are already patched so we can ignore them:
- CVE-2016-0749
- CVE-2016-2150
- CVE-2018-10893

This is caused by inaccurate CPE in the NVD database.

Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-07-06 05:08:49 -07:00
Khem Raj 7d8a0e840d recipes: Update LICENSE variable to use SPDX license identifiers
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-03-04 17:41:45 -08:00
Ross Burton 05a0b52ac6 spice: set correct LICENSE
Remove BSD, as this package is entirely LGPL2+.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-02-03 08:44:32 -08:00
Richard Purdie b402a3076f recipes: Update SRC_URI branch and protocols
This patch updates SRC_URIs using git to include branch=master if no branch is set
and also to use protocol=https for github urls as generated by the conversion script
in OE-Core.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2021-11-03 06:57:49 -07:00
Martin Jansa c61dc077bb Convert to new override syntax
This is the result of automated script (0.9.1) conversion:

oe-core/scripts/contrib/convert-overrides.py .

converting the metadata to use ":" as the override character instead of "_".

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2021-08-03 10:21:25 -07:00
Hongxu Jia bf527522e0 spice: make conpatible to autoconf-2.70
In order to build with autoconf 2.7, explicitly link to jpeg lib
since lib jpeg is already in DEPENDS
...
| checking for jpeglib.h... ../git/configure: line 16008: CPP: command not found
...

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2021-02-05 10:59:49 -08:00
Khem Raj 02c21a0342 spice: Add leading whitespace for append operator
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2020-11-15 12:25:53 -08:00
Khem Raj 5af264c7b4 spice: Use python3 and modules during build
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2020-01-24 09:25:35 -08:00
Khem Raj 66454b26ff meta-networking: Remove using python2
This change makes the parsing go though, we still might have build
issues, which will be reported in world builds seprately

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2020-01-22 09:56:34 -08:00
Martin Jansa e6d76b05a7 Revert "spice: Drop broken native"
This reverts commit 5f32fd6b08.

* fixed by restricting -Wno-error=address-of-packed-member only for
  target, spice-native is still useful for qemu-native when spice
  PACKAGECONFIG is enabled

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-10-01 08:51:19 -07:00
Martin Jansa d002adaf59 spice: ignore all warnings not just address-of-packed-member
* with older native gcc on host this will break spice-native with:
  cc1: error: -Werror=address-of-packed-member: no option -Waddress-of-packed-member
  because older gcc doesn't recognize address-of-packed-member warning
  to work around this ignore them all

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-10-01 08:51:19 -07:00
Robert Yang 5f32fd6b08 spice: Drop broken native
$ bitbake spice-native
checking whether the C compiler works... no
configure: error: in `/path/to/spice-native/0.14.2+gitAUTOINC+7cbd70b931_4fc4c2db36-r0/build':
configure: error: C compiler cannot create executables

It's a broken native recipe which means no ones need it any more, so remove it.

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-09-25 09:48:19 -07:00
Martin Jansa 229a047d9d spice: append to CFLAGS instead of +=
* so that -Wno-address-of-packed-member is used for all the builds not
  only for target builds
* with native it was overwritten with BUILD_CFLAGS and for nativesdk with
  BUILDSDK_CFLAGS
* this issue isn't specific for gcc-9 as the original commit said, I see
  nativesdk-spice failing on older hosts with gcc-7 with the same issue
* also use -Wno-error=address-of-packed-member instead of
  -Wno-address-of-packed-member so that there is still a warning, just
  not fatal for the build in combination with -Werror.

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-06-15 16:45:33 -07:00
Hongzhi.Song b47aae2d61 spice: fix compile errors on 32bit system
There are folowing compile errors on Linux 32bit system:

red-channel.c:207:73: error: format '%x' expects argument of type
'unsigned int', but argument 7 has type 'long unsigned int' [-Werror=format=]
|207| red_channel_debug(self, "thread_id 0x%" G_GSIZE_MODIFIER "x",
                                ~~~~~~~~~~~~~~~~~~~~~^
                        self->priv->thread_id);
                ~~~~~~~~~~~~~~~~~~~~~^

On 32bit system, #define G_GSIZE_MODIFIER "". But the type of
'self->priv->thread_id' is 'unsigned long int' which should match '%lx'
not '%x'.

So we should recovery the <0x%" G_GSIZE_MODIFIER "x"> to <0x%lx">.
And others files modification are similar to G_GSIZE_MODIFIER.

Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-06-15 16:45:32 -07:00
Khem Raj 4ee7becad0 spice,spice-protocol: Uprev to 0.14.0
Drop the patch for fixing printf formatting, its fixed differently
upstream

Forward port pthread_t printf patch

Add -Wno-address-of-packed-member needed with gcc9

replace _append += with just _append syntax

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-05-23 10:46:34 -07:00
Martin Jansa d347312b9a spice: cleanup leftover patch from upgrade to 0.13.90
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-09-14 19:01:41 -07:00
Changqing Li cff2f38874 spice: fix compile error on 32bit system
Fix below compile error on 32bit system,  since input argument
is uLong, but use format %d:
format '%d' expects argument of type 'int', but argument 6 has type
'long unsigned int' [-Werror=format=]

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-09-14 19:01:41 -07:00
zhe.he@windriver.com 1d26140980 spice: Upgrade 0.14.0 -> 0.14.1
Adjust location of spice-common source as new spice asks spice-common
to be put under "subprojects" directory.

Disable -Werror when building with clang for the moment. Some non-trivial
changes need to be made to fix the warnings clang give.

Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-09-05 13:59:16 -07:00
Jason Wessel 5bea57467e spice: Uprev to latest and add opus PKGCONFIG
In the uprev, spice now expects to compile with libopus by
default. This patch adds a PKGCONFIG option for libopus such that it
will still compile as it has in the past.

Compilation has been tested with and without opus support.

Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-06-18 09:24:52 -07:00
Khem Raj 52904e7535 spice: Fix build with musl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-06-17 00:53:40 -07:00
Jeremy Puhlman 0f29f2e0c6 spice: Update to git hash to pick up gcc8 fixes.
Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-06-14 08:57:14 -07:00
Martin Jansa 9ad55bf1e6 spice: use latest version
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-05-17 08:32:26 -07:00
Martin Jansa d182f4170f spice: upgrade to 0.13.90 version
* 0.13.0 is needed for opengl support, see qemu commit:
  https://git.qemu.org/?p=qemu.git;a=commitdiff;h=474114b7305cc1be7c2ee8ba5267be159a9d56e3
  +# if SPICE_SERVER_VERSION >= 0x000d00 /* release 0.13.0 */
  +#  define HAVE_SPICE_GL 1
  otherwise trying to run qemu with -spice gl=on fails with:
  qemu-system-x86_64: -spice gl=on: Invalid parameter 'gl'
* spice-protocol is built separately since 0.12.6
  * spice-protocol submodule has been removed,, spice-protocol must now
    be installed when building spice-server
* celt051 is optional since 0.12.5, use PACKAGECONFIG for it
  * Added Opus support. Celt support will be obsoleted in a future release.

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-05-17 08:32:26 -07:00
Martin Jansa b379fcebf9 spice: fix build with FORTIFY_SOURCES already defined in native gcc
* e.g. on gentoo hosts
* use 4 spaces for indentation

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-05-17 08:32:26 -07:00
Martin Jansa 7598d49f6e spice: fix dependency on python-pyparsing, add support for native(sdk)
* drop PR
* add +git to PV
* drop python-pyparsing dependency, because python-pyparsing is in
  meta-python
* replace dependency on python-pyparsing with python-pyparsing-native
  which is used to generate client/generated_marshallers.cpp

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-05-17 08:32:26 -07:00
Martin Jansa 63a5e273b7 spice: import from meta-cloud-services
* http://git.yoctoproject.org/cgit/cgit.cgi/meta-cloud-services/commit/recipes-support/spice/spice_git.bb?id=19f0c979abbc72a300c0b1cb92f9328f96728f5a
* will be used by qemu-native to provide a way for headless servers
  to export accelerated (virglrenderer) graphics to remove clients

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-05-17 08:32:26 -07:00