spice-gtk-0.20-11.AXS4
エラータID: AXSA:2014-014:01
Client libraries for SPICE desktop servers.
Security issues fixed with this release:
• CVE-2013-4324
spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
Fixed bugs:
• Upgraded to upstream version 0.20, which provides a number of bug fixes and enhancements over the previous version. Notable improvements are tunnelling through the HTTP proxy server, improved multi-monitor support, and various USB redirection fixes.
• Tightened the dependencies so that spice-gtk cannot be installed unless the GTK+ and GLib versions it requires are installed as well.
• Spice-gtk can now connect to a secure port y default, instead of always trying plain ports first.
• Previously, pressing Shift+CTRL+V on a message window in MS Outlook would crash the spice-gtk client. This has been fixed.
• Previously, on a MS Windows guest, the mouse pointer was not contrasted enough when put over a PuTTy session. This has been fixed.
• Timeout has been reduced from 120 to 10 seconds when trying to connect to an unreachable host.
• Previously, spice-gtk Smartcard support stopped after migration or restarting a guest when it was already initialized. The current workaround is to not disable software Smartcard support at spice-gtk connection time if libcacard reports that software Smartcard support is already initialized.
Enhancements:
• Added support for HTTP proxy server support in SPICE clients. The SPICE client nowconnects to the remote server using the proxy server specified by the environment SPICE_PROXY=host:port variable, or by the controller.
• When using copy and paste between Asianux Server Linux and Microsoft Windows, the end of line sequences are translated into the target OS.
• Adjusted the adaptive video streaming settings to improve experience over low speed networks.
Update packages.
spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
N/A
SRPMS
- spice-gtk-0.20-11.AXS4.src.rpm
MD5: 3535bc6c2a83080c5c240802ab9b23b3
SHA-256: 2708c2ec99a20a615faf37aa902954ce14224a74a975d91313511aee51193d78
Size: 1.19 MB
Asianux Server 4 for x86
- spice-glib-0.20-11.AXS4.i686.rpm
MD5: 79852019ee7a67e1f2af4b48acebc76a
SHA-256: 633ac4d5031785db43f37e5824646a0ea49266744fc360abb0d6787bd35d8d71
Size: 318.48 kB - spice-gtk-0.20-11.AXS4.i686.rpm
MD5: a79545a5e014c4594b111a501e5dc32d
SHA-256: ef4ba3a444f9606e8296114b269d9c00fb4704ca0b17906784c966b18c71ffd3
Size: 57.34 kB - spice-gtk-python-0.20-11.AXS4.i686.rpm
MD5: 55e1c7a19ed3e9dfc2edee8ee4e20450
SHA-256: ff838d0b236177adf9fc02054288505bee3bc74e037e68fed03601563199347d
Size: 22.92 kB
Asianux Server 4 for x86_64
- spice-glib-0.20-11.AXS4.x86_64.rpm
MD5: 5539ddc802408f3438a170740507ec93
SHA-256: 05df13dfae76e5e11bf332c5fcf9459ecbd605cf712833634dcc15699d534aa7
Size: 315.45 kB - spice-gtk-0.20-11.AXS4.x86_64.rpm
MD5: 62ab28b771cafa5722df3039c7f90673
SHA-256: 1c0751d6a224bfc37d700da50673b28c7ddcf39a72629379ae51dae87688c1d1
Size: 58.32 kB - spice-gtk-python-0.20-11.AXS4.x86_64.rpm
MD5: fd4aa9f4867c8914b041c79cc75b1bfc
SHA-256: 430517bea88acc4905a498c7cb804b430e1d895c1b610d21e722c8a671b85d51
Size: 24.04 kB - spice-glib-0.20-11.AXS4.i686.rpm
MD5: 79852019ee7a67e1f2af4b48acebc76a
SHA-256: 633ac4d5031785db43f37e5824646a0ea49266744fc360abb0d6787bd35d8d71
Size: 318.48 kB - spice-gtk-0.20-11.AXS4.i686.rpm
MD5: a79545a5e014c4594b111a501e5dc32d
SHA-256: ef4ba3a444f9606e8296114b269d9c00fb4704ca0b17906784c966b18c71ffd3
Size: 57.34 kB