Issued:
2014-10-13
Updated:
2014-10-13

RHBA-2014:1435 - spice-server bug fix update

Synopsis

spice-server bug fix update

Type/Severity

Bug Fix Advisory (none)

Topic

Updated spice-server packages that fix several bugs are now available for Red Hat Enterprise Linux 6.

Description

The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors.

This update fixes the following bugs:

  • Previously, the SPICE server assumed that the SPICE client was connected until it became disconnected. However, when the client became unresponsive, or did not disconnect explicitly, the server kept trying to communicate with it. Consequently, queues, such as a driver commands ring, filled up, and the guest display driver hung. With this update, the SPICE server monitors if the client is responsive and disconnect if it is not. (BZ#994175)

  • Previously, pending data from the client were cleaned inappropriately. As a consequence, QEMU could terminate unexpectedly when a VM was rebooting while being migrated. This update ensures that the pending client data are cleaned appropriately, and QEMU crashes no longer occur. (BZ#1004443)

  • Prior to this update, the SPICE server used exclusively Transport Layer Security (TLS) version 1.0 for encrypted connections no matter what version(s) the client advertised. Consequently, the SPICE client could not use newer versions of TLS. To fix this bug, the SPICE server code has been changed to allow for TLS 1.0 and above, and clients can now connect using TLS version 1.0 or newer. (BZ#1035695)

  • Due to an integer overflow on a 32 bit timer value, infinite loop in the SPICE server on long running VMs longer than 46 days caused SPICE sessions to become unresponsive. Where appropriate, 64 bit timer values are now used, and SPICE sessions no longer crash. (BZ#1072700)

  • Due to invalid assertion in the video streaming code, the SPICE hypervisor could terminate unexpectedly when the assert was triggered. The following error message was returned in the log file:

    qemu sometimes crashes in spice-server with "rate_control->num_recent_enc_frames" assertion

The invalid assertion has been fixed, and the hypervisor no longer crashes. (BZ#1086820)

Users of spice-server are advised to upgrade to these updated packages, which fix these bugs.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

Affected Products

ProductVersionArch
Red Hat Enterprise Linux for Scientific Computing6x86_64
Red Hat Enterprise Linux Workstation6x86_64
Red Hat Enterprise Linux Server6x86_64
Red Hat Enterprise Linux Server from RHUI6x86_64
Red Hat Enterprise Linux Server - Retired Extended Life Cycle Support6x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support6x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension6x86_64
Red Hat Enterprise Linux Desktop6x86_64

Updated Packages

  • spice-server-devel-0.12.4-11.el6.x86_64.rpm
  • spice-server-0.12.4-11.el6.src.rpm
  • spice-server-debuginfo-0.12.4-11.el6.x86_64.rpm
  • spice-server-0.12.4-11.el6.x86_64.rpm

Fixes

CVEs

(none)

References

(none)

Additional information