Signed-off-by: Changqing Li <changqing...@windriver.com>
---
...ros-in-printf-to-keep-compatibility-betwe.patch | 72 ---------------
...xl-Fix-BITMAP_FMT_IS_RGB-defined-but-not-.patch | 29 ------
recipes-support/spice/files/CVE-2017-7506-1.patch | 81 -----------------
recipes-support/spice/files/CVE-2017-7506-2.patch | 37 --------
recipes-support/spice/files/CVE-2017-7506-3.patch | 54 -----------
.../spice/files/Fix-build-issues-with-gcc-7.patch | 59 ------------
.../build-allow-separated-src-and-build-dirs.patch | 62 -------------
...ac-add-subdir-objects-to-AM_INIT_AUTOMAKE.patch | 29 ------
.../spice/files/spice-fix-CVE-2013-4282.patch | 100 ---------------------
recipes-support/spice/spice_git.bb | 79 ----------------
10 files changed, 602 deletions(-)
delete mode 100644
recipes-support/spice/files/0001-Use-PRI-macros-in-printf-to-keep-compatibility-betwe.patch
delete mode 100644
recipes-support/spice/files/0001-red_parse_qxl-Fix-BITMAP_FMT_IS_RGB-defined-but-not-.patch
delete mode 100644 recipes-support/spice/files/CVE-2017-7506-1.patch
delete mode 100644 recipes-support/spice/files/CVE-2017-7506-2.patch
delete mode 100644 recipes-support/spice/files/CVE-2017-7506-3.patch
delete mode 100644
recipes-support/spice/files/Fix-build-issues-with-gcc-7.patch
delete mode 100644
recipes-support/spice/files/build-allow-separated-src-and-build-dirs.patch
delete mode 100644
recipes-support/spice/files/configure.ac-add-subdir-objects-to-AM_INIT_AUTOMAKE.patch
delete mode 100644 recipes-support/spice/files/spice-fix-CVE-2013-4282.patch
delete mode 100644 recipes-support/spice/spice_git.bb
diff --git
a/recipes-support/spice/files/0001-Use-PRI-macros-in-printf-to-keep-compatibility-betwe.patch
b/recipes-support/spice/files/0001-Use-PRI-macros-in-printf-to-keep-compatibility-betwe.patch
deleted file mode 100644
index 18fa8fa..0000000
---
a/recipes-support/spice/files/0001-Use-PRI-macros-in-printf-to-keep-compatibility-betwe.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-From 3cb746329ea4846bd9c65e0198e69423379b6f62 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?=EC=86=8C=EB=B3=91=EC=B2=A0?= <byungchul...@samsung.com>
-Date: Thu, 24 Apr 2014 12:26:32 +0000
-Subject: [PATCH] Use PRI macros in printf to keep compatibility between
- 32/64bit system
-
-gcc's some integer type definitions are different between 32/64bit system.
-This causes platform dependency problem with printf function. However,
-we can avoid this problem by using PRI macros that supports platform
-independent printf.
----
- server/mjpeg_encoder.c | 7 ++++---
- server/red_worker.c | 4 ++--
- 2 files changed, 6 insertions(+), 5 deletions(-)
-
-diff --git a/server/mjpeg_encoder.c b/server/mjpeg_encoder.c
-index aea4964..f465d88 100644
---- a/server/mjpeg_encoder.c
-+++ b/server/mjpeg_encoder.c
-@@ -23,6 +23,7 @@
- #include "mjpeg_encoder.h"
- #include <jerror.h>
- #include <jpeglib.h>
-+#include <inttypes.h>
-
- #define MJPEG_MAX_FPS 25
- #define MJPEG_MIN_FPS 1
-@@ -66,7 +67,7 @@ static const int
mjpeg_quality_samples[MJPEG_QUALITY_SAMPLE_NUM] = {20, 30, 40,
- * are not necessarily related to mis-estimation of the bit rate, and we would
- * like to wait till the stream stabilizes.
- */
--#define MJPEG_WARMUP_TIME 3000L // 3 sec
-+#define MJPEG_WARMUP_TIME 3000LL // 3 sec
-
- enum {
- MJPEG_QUALITY_EVAL_TYPE_SET,
-@@ -638,7 +639,7 @@ static void
mjpeg_encoder_adjust_params_to_bit_rate(MJpegEncoder *encoder)
-
- spice_debug("cur-fps=%u new-fps=%u (new/old=%.2f) |"
- "bit-rate=%.2f (Mbps) latency=%u (ms) quality=%d |"
-- " new-size-avg %lu , base-size %lu, (new/old=%.2f) ",
-+ " new-size-avg %"PRIu64" , base-size %"PRIu64", (new/old=%.2f)
",
- rate_control->fps, new_fps,
((double)new_fps)/rate_control->fps,
- ((double)rate_control->byte_rate*8)/1024/1024,
- latency,
-@@ -703,7 +704,7 @@ static void mjpeg_encoder_adjust_fps(MJpegEncoder
*encoder, uint64_t now)
-
- avg_fps = ((double)rate_control->adjusted_fps_num_frames*1000) /
- adjusted_fps_time_passed;
-- spice_debug("#frames-adjust=%lu #adjust-time=%lu avg-fps=%.2f",
-+ spice_debug("#frames-adjust=%"PRIu64" #adjust-time=%"PRIu64"
avg-fps=%.2f",
- rate_control->adjusted_fps_num_frames,
adjusted_fps_time_passed, avg_fps);
- spice_debug("defined=%u old-adjusted=%.2f", rate_control->fps,
rate_control->adjusted_fps);
- fps_ratio = avg_fps / rate_control->fps;
-diff --git a/server/red_worker.c b/server/red_worker.c
-index 619f7bc..1871e13 100644
---- a/server/red_worker.c
-+++ b/server/red_worker.c
-@@ -2594,8 +2594,8 @@ static void red_print_stream_stats(DisplayChannelClient
*dcc, StreamAgent *agent
- mjpeg_encoder_get_stats(agent->mjpeg_encoder, &encoder_stats);
- }
-
-- spice_debug("stream=%ld dim=(%dx%d) #in-frames=%lu #in-avg-fps=%.2f
#out-frames=%lu "
-- "out/in=%.2f #drops=%lu (#pipe=%lu #fps=%lu) out-avg-fps=%.2f
"
-+ spice_debug("stream=%"PRIdPTR" dim=(%dx%d) #in-frames=%"PRIu64" #in-avg-fps=%.2f
#out-frames=%"PRIu64" "
-+ "out/in=%.2f #drops=%"PRIu64" (#pipe=%"PRIu64" #fps=%"PRIu64")
out-avg-fps=%.2f "
- "passed-mm-time(sec)=%.2f size-total(MB)=%.2f
size-per-sec(Mbps)=%.2f "
- "size-per-frame(KBpf)=%.2f avg-quality=%.2f "
- "start-bit-rate(Mbps)=%.2f end-bit-rate(Mbps)=%.2f",
---
-2.10.2
-
diff --git
a/recipes-support/spice/files/0001-red_parse_qxl-Fix-BITMAP_FMT_IS_RGB-defined-but-not-.patch
b/recipes-support/spice/files/0001-red_parse_qxl-Fix-BITMAP_FMT_IS_RGB-defined-but-not-.patch
deleted file mode 100644
index ccae5f5..0000000
---
a/recipes-support/spice/files/0001-red_parse_qxl-Fix-BITMAP_FMT_IS_RGB-defined-but-not-.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 85838d4c9f2322aedb99b38fffd7da95a494d8ed Mon Sep 17 00:00:00 2001
-From: He Zhe <zhe...@windriver.com>
-Date: Thu, 29 Jun 2017 08:26:35 +0000
-Subject: [PATCH] red_parse_qxl: Fix BITMAP_FMT_IS_RGB defined but not used
-
-| ../../git/server/red_parse_qxl.c:367:18: error: 'BITMAP_FMT_IS_RGB'
-defined but not used [-Werror=unused-const-variable=]
-| static const int BITMAP_FMT_IS_RGB[] = {0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1};
-
-Signed-off-by: He Zhe <zhe...@windriver.com>
----
- server/red_parse_qxl.c | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/server/red_parse_qxl.c b/server/red_parse_qxl.c
-index 6c0b0658..cfc2da95 100644
---- a/server/red_parse_qxl.c
-+++ b/server/red_parse_qxl.c
-@@ -364,7 +364,6 @@ static int bitmap_consistent(SpiceBitmap *bitmap)
-
- // This is based on SPICE_BITMAP_FMT_*, copied from server/red_worker.c
- // to avoid a possible unoptimization from making it non static.
--static const int BITMAP_FMT_IS_RGB[] = {0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1};
-
- static SpiceImage *red_get_image(RedMemSlotInfo *slots, int group_id,
- QXLPHYSICAL addr, uint32_t flags, int
is_mask)
---
-2.11.0
-
diff --git a/recipes-support/spice/files/CVE-2017-7506-1.patch
b/recipes-support/spice/files/CVE-2017-7506-1.patch
deleted file mode 100644
index 1975aca..0000000
--- a/recipes-support/spice/files/CVE-2017-7506-1.patch
+++ /dev/null
@@ -1,81 +0,0 @@
-From 2e521a9db27e1ed31bf5fbed437208bf7f1c77a1 Mon Sep 17 00:00:00 2001
-From: Frediano Ziglio <fzig...@redhat.com>
-Date: Mon, 15 May 2017 15:57:28 +0100
-Subject: [PATCH 1/3] reds: Disconnect when receiving overly big
- ClientMonitorsConfig
-
-Total message size received from the client was unlimited. There is
-a 2kiB size check on individual agent messages, but the MonitorsConfig
-message can be split in multiple chunks, and the size of the
-non-chunked MonitorsConfig message was never checked. This could easily
-lead to memory exhaustion on the host.
-
-Signed-off-by: Frediano Ziglio <fzig...@redhat.com>
-
-Upstream-Status: Backport
-[https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=f1e7ec03e26ab6b8ca9b7ec060846a5b706a963d]
-
-CVE: CVE-2017-7506
-
-Signed-off-by: Yi Zhao <yi.z...@windriver.com>
----
- server/reds.c | 25 +++++++++++++++++++++++--
- 1 file changed, 23 insertions(+), 2 deletions(-)
-
-diff --git a/server/reds.c b/server/reds.c
-index 30d0652..701d5d8 100644
---- a/server/reds.c
-+++ b/server/reds.c
-@@ -1086,19 +1086,34 @@ static void reds_client_monitors_config_cleanup(void)
- static void reds_on_main_agent_monitors_config(
- MainChannelClient *mcc, void *message, size_t size)
- {
-+ const unsigned int MAX_MONITORS = 256;
-+ const unsigned int MAX_MONITOR_CONFIG_SIZE =
-+ sizeof(VDAgentMonitorsConfig) + MAX_MONITORS *
sizeof(VDAgentMonConfig);
-+
- VDAgentMessage *msg_header;
- VDAgentMonitorsConfig *monitors_config;
- RedsClientMonitorsConfig *cmc = &reds->client_monitors_config;
-
-+ // limit size of message sent by the client as this can cause a DoS
through
-+ // memory exhaustion, or potentially some integer overflows
-+ if (sizeof(VDAgentMessage) + MAX_MONITOR_CONFIG_SIZE - cmc->buffer_size <
size) {
-+ goto overflow;
-+ }
- cmc->buffer_size += size;
- cmc->buffer = realloc(cmc->buffer, cmc->buffer_size);
- spice_assert(cmc->buffer);
- cmc->mcc = mcc;
- memcpy(cmc->buffer + cmc->buffer_pos, message, size);
- cmc->buffer_pos += size;
-+ if (sizeof(VDAgentMessage) > cmc->buffer_size) {
-+ spice_debug("not enough data yet. %d", cmc->buffer_size);
-+ return;
-+ }
- msg_header = (VDAgentMessage *)cmc->buffer;
-- if (sizeof(VDAgentMessage) > cmc->buffer_size ||
-- msg_header->size > cmc->buffer_size - sizeof(VDAgentMessage)) {
-+ if (msg_header->size > MAX_MONITOR_CONFIG_SIZE) {
-+ goto overflow;
-+ }
-+ if (msg_header->size > cmc->buffer_size - sizeof(VDAgentMessage)) {
- spice_debug("not enough data yet. %d\n", cmc->buffer_size);
- return;
- }
-@@ -1106,6 +1121,12 @@ static void reds_on_main_agent_monitors_config(
- spice_debug("%s: %d\n", __func__, monitors_config->num_of_monitors);
- red_dispatcher_client_monitors_config(monitors_config);
- reds_client_monitors_config_cleanup();
-+ return;
-+
-+overflow:
-+ spice_warning("received invalid MonitorsConfig request from client,
disconnecting");
-+ red_channel_client_disconnect(main_channel_client_get_base(mcc));
-+ reds_client_monitors_config_cleanup();
- }
-
- void reds_on_main_agent_data(MainChannelClient *mcc, void *message, size_t
size)
---
-2.7.4
-
diff --git a/recipes-support/spice/files/CVE-2017-7506-2.patch
b/recipes-support/spice/files/CVE-2017-7506-2.patch
deleted file mode 100644
index a517b08..0000000
--- a/recipes-support/spice/files/CVE-2017-7506-2.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 6934f036240753a14514a71ede8bb44af2043f24 Mon Sep 17 00:00:00 2001
-From: Frediano Ziglio <fzig...@redhat.com>
-Date: Mon, 15 May 2017 15:57:28 +0100
-Subject: [PATCH 2/3] reds: Avoid integer overflows handling monitor
- configuration
-
-Avoid VDAgentMessage::size integer overflows.
-
-Signed-off-by: Frediano Ziglio <fzig...@redhat.com>
-
-Upstream-Status: Backport
-[https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=ec6229c79abe05d731953df5f7e9a05ec9f6df79]
-
-CVE: CVE-2017-7506
-
-Signed-off-by: Yi Zhao <yi.z...@windriver.com>
----
- server/reds.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/server/reds.c b/server/reds.c
-index 701d5d8..62b1164 100644
---- a/server/reds.c
-+++ b/server/reds.c
-@@ -1117,6 +1117,9 @@ static void reds_on_main_agent_monitors_config(
- spice_debug("not enough data yet. %d\n", cmc->buffer_size);
- return;
- }
-+ if (msg_header->size < sizeof(VDAgentMonitorsConfig)) {
-+ goto overflow;
-+ }
- monitors_config = (VDAgentMonitorsConfig *)(cmc->buffer +
sizeof(*msg_header));
- spice_debug("%s: %d\n", __func__, monitors_config->num_of_monitors);
- red_dispatcher_client_monitors_config(monitors_config);
---
-2.7.4
-
diff --git a/recipes-support/spice/files/CVE-2017-7506-3.patch
b/recipes-support/spice/files/CVE-2017-7506-3.patch
deleted file mode 100644
index d55502f..0000000
--- a/recipes-support/spice/files/CVE-2017-7506-3.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From daedc2e2bb70f7cb0eafd65fd37fd73af12df770 Mon Sep 17 00:00:00 2001
-From: Frediano Ziglio <fzig...@redhat.com>
-Date: Mon, 15 May 2017 15:57:28 +0100
-Subject: [PATCH 3/3] reds: Avoid buffer overflows handling monitor
- configuration
-
-It was also possible for a malicious client to set
-VDAgentMonitorsConfig::num_of_monitors to a number larger
-than the actual size of VDAgentMOnitorsConfig::monitors.
-This would lead to buffer overflows, which could allow the guest to
-read part of the host memory. This might cause write overflows in the
-host as well, but controlling the content of such buffers seems
-complicated.
-
-Signed-off-by: Frediano Ziglio <fzig...@redhat.com>
-
-Upstream-Status: Backport
-[https://cgit.freedesktop.org/spice/spice/commit/?h=0.12&id=a957a90baf2c62d31f3547e56bba7d0e812d2331]
-
-CVE: CVE-2017-7506
-
-Signed-off-by: Yi Zhao <yi.z...@windriver.com>
----
- server/reds.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/server/reds.c b/server/reds.c
-index 62b1164..ee36dec 100644
---- a/server/reds.c
-+++ b/server/reds.c
-@@ -1093,6 +1093,7 @@ static void reds_on_main_agent_monitors_config(
- VDAgentMessage *msg_header;
- VDAgentMonitorsConfig *monitors_config;
- RedsClientMonitorsConfig *cmc = &reds->client_monitors_config;
-+ uint32_t max_monitors;
-
- // limit size of message sent by the client as this can cause a DoS
through
- // memory exhaustion, or potentially some integer overflows
-@@ -1121,6 +1122,12 @@ static void reds_on_main_agent_monitors_config(
- goto overflow;
- }
- monitors_config = (VDAgentMonitorsConfig *)(cmc->buffer +
sizeof(*msg_header));
-+ // limit the monitor number to avoid buffer overflows
-+ max_monitors = (msg_header->size - sizeof(VDAgentMonitorsConfig)) /
-+ sizeof(VDAgentMonConfig);
-+ if (monitors_config->num_of_monitors > max_monitors) {
-+ goto overflow;
-+ }
- spice_debug("%s: %d\n", __func__, monitors_config->num_of_monitors);
- red_dispatcher_client_monitors_config(monitors_config);
- reds_client_monitors_config_cleanup();
---
-2.7.4
-
diff --git a/recipes-support/spice/files/Fix-build-issues-with-gcc-7.patch
b/recipes-support/spice/files/Fix-build-issues-with-gcc-7.patch
deleted file mode 100644
index 7fcafdc..0000000
--- a/recipes-support/spice/files/Fix-build-issues-with-gcc-7.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From 9f001b6818ac4baa1df010ccf4200ca56bfb11b2 Mon Sep 17 00:00:00 2001
-From: Mark Asselstine <mark.asselst...@windriver.com>
-Date: Wed, 23 Aug 2017 13:47:29 -0400
-Subject: [PATCH] Fix build issues with gcc 7
-
-gcc 7 checks for when a switch statement doesn't break between
-cases. When a break is not found you will see
-
-| ../../git/server/reds.c: In function 'vdi_port_read_one_msg_from_device':
-| ../../git/server/reds.c:797:31: error: this statement may fall through
[-Werror=implicit-fallthrough=]
-| state->read_state = VDI_PORT_READ_STATE_GET_BUFF;
-| ~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-| ../../git/server/reds.c:798:9: note: here
-| case VDI_PORT_READ_STATE_GET_BUFF: {
-| ^~~~
-
-The 'fallthrough' comment will let gcc know this is done on purpose.
-
-Signed-off-by: Mark Asselstine <mark.asselst...@windriver.com>
----
- server/inputs_channel.c | 1 +
- server/reds.c | 2 ++
- 2 files changed, 3 insertions(+)
-
-diff --git a/server/inputs_channel.c b/server/inputs_channel.c
-index 931dac1..534ab66 100644
---- a/server/inputs_channel.c
-+++ b/server/inputs_channel.c
-@@ -321,6 +321,7 @@ static int inputs_channel_handle_parsed(RedChannelClient
*rcc, uint32_t size, ui
- activate_modifiers_watch();
- }
- }
-+ /* fallthrough */
- case SPICE_MSGC_INPUTS_KEY_UP: {
- SpiceMsgcKeyDown *key_down = (SpiceMsgcKeyDown *)buf;
- for (i = 0; i < 4; i++) {
-diff --git a/server/reds.c b/server/reds.c
-index 30d0652..8c80eb6 100644
---- a/server/reds.c
-+++ b/server/reds.c
-@@ -795,6 +795,7 @@ static SpiceCharDeviceMsgToClient
*vdi_port_read_one_msg_from_device(SpiceCharDe
- }
- state->message_recive_len = state->vdi_chunk_header.size;
- state->read_state = VDI_PORT_READ_STATE_GET_BUFF;
-+ /* fallthrough */
- case VDI_PORT_READ_STATE_GET_BUFF: {
- if (!(state->current_read_buf = vdi_port_read_buf_get())) {
- return NULL;
-@@ -806,6 +807,7 @@ static SpiceCharDeviceMsgToClient
*vdi_port_read_one_msg_from_device(SpiceCharDe
- state->message_recive_len -= state->recive_len;
- state->read_state = VDI_PORT_READ_STATE_READ_DATA;
- }
-+ /* fallthrough */
- case VDI_PORT_READ_STATE_READ_DATA:
- n = sif->read(vdagent, state->recive_pos, state->recive_len);
- if (!n) {
---
-2.7.4
-
diff --git
a/recipes-support/spice/files/build-allow-separated-src-and-build-dirs.patch
b/recipes-support/spice/files/build-allow-separated-src-and-build-dirs.patch
deleted file mode 100644
index 9cbbff9..0000000
--- a/recipes-support/spice/files/build-allow-separated-src-and-build-dirs.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From 7d0d0ff080b159e647ebb26c337cb75314d64b52 Mon Sep 17 00:00:00 2001
-From: Mark Asselstine <mark.asselst...@windriver.com>
-Date: Thu, 1 May 2014 12:09:16 -0400
-Subject: [PATCH] build: allow separated src and build dirs
-
-We need to expland the list of include dirs to include the build dir since
-generated files will be created there instead of in the src dir.
-
-We also don't want to force using $srcdir for generated files as this will
-allow them to be created in the build dir. We account for the slight
-deviation in the generated files with expanded include paths.
-
-Signed-off-by: Mark Asselstine <mark.asselst...@windriver.com>
----
- configure.ac | 2 +-
- spice-common/common/Makefile.am | 14 +++++++-------
- 2 file changed, 8 insertions(+), 8 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index edda8e9..9151fcb 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -165,7 +165,7 @@ dnl
=========================================================================
- dnl Check deps
-
- AC_CONFIG_SUBDIRS([spice-common])
--COMMON_CFLAGS='-I ${top_srcdir}/spice-common/ -I
${top_srcdir}/spice-common/spice-protocol/'
-+COMMON_CFLAGS='-I ${top_srcdir}/spice-common/ -I
${top_srcdir}/spice-common/common/ -I
${top_srcdir}/spice-common/spice-protocol/ -I ${top_builddir}/spice-common/'
- AC_SUBST(COMMON_CFLAGS)
-
- AC_CHECK_LIBM
-diff --git a/spice-common/common/Makefile.am b/spice-common/common/Makefile.am
-index 45568c6..4c65ac4 100644
---- a/spice-common/common/Makefile.am
-+++ b/spice-common/common/Makefile.am
-@@ -2,16 +2,16 @@ NULL =
-
- # Avoid need for python(pyparsing) by end users
- CLIENT_MARSHALLERS = \
-- $(srcdir)/generated_client_demarshallers.c \
-- $(srcdir)/generated_client_demarshallers1.c \
-- $(srcdir)/generated_client_marshallers.c \
-- $(srcdir)/generated_client_marshallers1.c \
-+ generated_client_demarshallers.c \
-+ generated_client_demarshallers1.c \
-+ generated_client_marshallers.c \
-+ generated_client_marshallers1.c \
- $(NULL)
-
- SERVER_MARSHALLERS = \
-- $(srcdir)/generated_server_demarshallers.c \
-- $(srcdir)/generated_server_marshallers.c \
-- $(srcdir)/generated_server_marshallers.h \
-+ generated_server_demarshallers.c \
-+ generated_server_marshallers.c \
-+ generated_server_marshallers.h \
- $(NULL)
-
- BUILT_SOURCES = $(CLIENT_MARSHALLERS) $(SERVER_MARSHALLERS)
$(top_srcdir)/spice-protocol/spice/enums.h
---
-1.8.3.2
-
diff --git
a/recipes-support/spice/files/configure.ac-add-subdir-objects-to-AM_INIT_AUTOMAKE.patch
b/recipes-support/spice/files/configure.ac-add-subdir-objects-to-AM_INIT_AUTOMAKE.patch
deleted file mode 100644
index 323ef52..0000000
---
a/recipes-support/spice/files/configure.ac-add-subdir-objects-to-AM_INIT_AUTOMAKE.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 36efb79076420975f7fa7aa0b03a1fc282291b05 Mon Sep 17 00:00:00 2001
-From: Mark Asselstine <mark.asselst...@windriver.com>
-Date: Tue, 25 Mar 2014 15:23:25 -0400
-Subject: [PATCH] configure.ac: add subdir-objects to AM_INIT_AUTOMAKE
-
-Without this you will get subdir-objects error which will cause
-autoreconf to complete successfully.
-
-Signed-off-by: Mark Asselstine <mark.asselst...@windriver.com>
----
- spice-common/configure.ac | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/spice-common/configure.ac b/spice-common/configure.ac
-index b5cb960..78f1360 100644
---- a/spice-common/configure.ac
-+++ b/spice-common/configure.ac
-@@ -13,7 +13,7 @@ AC_CONFIG_AUX_DIR([build-aux])
- m4_ifdef([AM_PROG_AR], [AM_PROG_AR])
-
- # Checks for programs
--AM_INIT_AUTOMAKE([1.11 dist-xz no-dist-gzip tar-ustar foreign -Wall -Werror])
-+AM_INIT_AUTOMAKE([1.11 dist-xz no-dist-gzip tar-ustar foreign subdir-objects
-Wall -Werror])
- AM_MAINTAINER_MODE
- AM_SILENT_RULES([yes])
- LT_INIT
---
-1.8.3.2
-
diff --git a/recipes-support/spice/files/spice-fix-CVE-2013-4282.patch
b/recipes-support/spice/files/spice-fix-CVE-2013-4282.patch
deleted file mode 100644
index 1a00a85..0000000
--- a/recipes-support/spice/files/spice-fix-CVE-2013-4282.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-Fix buffer overflow when decrypting client SPICE ticket
-
-commit 8af619009660b24e0b41ad26b30289eea288fcc2 upstream
-
-reds_handle_ticket uses a fixed size 'password' buffer for the decrypted
-password whose size is SPICE_MAX_PASSWORD_LENGTH. However,
-RSA_private_decrypt which we call for the decryption expects the
-destination buffer to be at least RSA_size(link->tiTicketing.rsa)
-bytes long. On my spice-server build, SPICE_MAX_PASSWORD_LENGTH
-is 60 while RSA_size() is 128, so we end up overflowing 'password'
-when using long passwords (this was reproduced using the string:
-'fullscreen=1proxy=#enter proxy here; e.g spice_proxy = http://[proxy]:[port]'
-as a password).
-
-When the overflow occurs, QEMU dies with:
-*** stack smashing detected ***: qemu-system-x86_64 terminated
-
-This commit ensures we use a corectly sized 'password' buffer,
-and that it's correctly nul-terminated so that we can use strcmp
-instead of strncmp. To keep using strncmp, we'd need to figure out
-which one of 'password' and 'taTicket.password' is the smaller buffer,
-and use that size.
-
-This fixes rhbz#999839
-diff --git a/server/reds.c b/server/reds.c
-index 30d0652..6f262b0 100644
---- a/server/reds.c
-+++ b/server/reds.c
-@@ -1931,39 +1931,59 @@ static void reds_handle_link(RedLinkInfo *link)
- static void reds_handle_ticket(void *opaque)
- {
- RedLinkInfo *link = (RedLinkInfo *)opaque;
-- char password[SPICE_MAX_PASSWORD_LENGTH];
-+ char *password;
- time_t ltime;
-+ int password_size;
-
- //todo: use monotonic time
- time(<ime);
-- RSA_private_decrypt(link->tiTicketing.rsa_size,
-- link->tiTicketing.encrypted_ticket.encrypted_data,
-- (unsigned char *)password, link->tiTicketing.rsa,
RSA_PKCS1_OAEP_PADDING);
-+ if (RSA_size(link->tiTicketing.rsa) < SPICE_MAX_PASSWORD_LENGTH) {
-+ spice_warning("RSA modulus size is smaller than SPICE_MAX_PASSWORD_LENGTH (%d
< %d), "
-+ "SPICE ticket sent from client may be truncated",
-+ RSA_size(link->tiTicketing.rsa),
SPICE_MAX_PASSWORD_LENGTH);
-+ }
-+
-+ password = g_malloc0(RSA_size(link->tiTicketing.rsa) + 1);
-+ password_size = RSA_private_decrypt(link->tiTicketing.rsa_size,
-+
link->tiTicketing.encrypted_ticket.encrypted_data,
-+ (unsigned char *)password,
-+ link->tiTicketing.rsa,
-+ RSA_PKCS1_OAEP_PADDING);
-+ if (password_size == -1) {
-+ spice_warning("failed to decrypt RSA encrypted password: %s",
-+ ERR_error_string(ERR_get_error(), NULL));
-+ goto error;
-+ }
-+ password[password_size] = '\0';
-
- if (ticketing_enabled && !link->skip_auth) {
- int expired = taTicket.expiration_time < ltime;
-
- if (strlen(taTicket.password) == 0) {
-- reds_send_link_result(link, SPICE_LINK_ERR_PERMISSION_DENIED);
- spice_warning("Ticketing is enabled, but no password is set. "
-- "please set a ticket first");
-- reds_link_free(link);
-- return;
-+ "please set a ticket first");
-+ goto error;
- }
-
-- if (expired || strncmp(password, taTicket.password,
SPICE_MAX_PASSWORD_LENGTH) != 0) {
-+ if (expired || strcmp(password, taTicket.password) != 0) {
- if (expired) {
- spice_warning("Ticket has expired");
- } else {
- spice_warning("Invalid password");
- }
-- reds_send_link_result(link, SPICE_LINK_ERR_PERMISSION_DENIED);
-- reds_link_free(link);
-- return;
-+ goto error;
- }
- }
-
- reds_handle_link(link);
-+ goto end;
-+
-+error:
-+ reds_send_link_result(link, SPICE_LINK_ERR_PERMISSION_DENIED);
-+ reds_link_free(link);
-+
-+end:
-+ g_free(password);
- }
-
- static inline void async_read_clear_handlers(AsyncRead *obj)
diff --git a/recipes-support/spice/spice_git.bb
b/recipes-support/spice/spice_git.bb
deleted file mode 100644
index c0fdd9c..0000000
--- a/recipes-support/spice/spice_git.bb
+++ /dev/null
@@ -1,79 +0,0 @@
-#
-# Copyright (C) 2013 Wind River Systems, Inc.
-#
-
-SUMMARY = "Simple Protocol for Independent Computing Environments"
-DESCRIPTION = "SPICE (the Simple Protocol for Independent Computing \
-Environments) is a remote-display system built for virtual \
-environments which allows users to view a computing 'desktop' \
-environment - not only on its computer-server machine, but also from \
-anywhere on the Internet and using a wide variety of machine \
-architectures."
-
-LICENSE = "BSD & LGPLv2.1+"
-LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
-
-PR = "r0"
-PV = "0.12.4"
-
-# Actual versions based on the checkouts below
-# spice = "0.12.4"
-# common = "0.12.6"
-# protocol = "0.12.6"
-SRCREV_spice = "b270fb010a3ddb432dfe6b15e4bdffa6ac086cd0"
-SRCREV_spice-common = "fe93908238196bd632287fc9875e6f2e11105d04"
-SRCREV_spice-protocol = "784407f248e7f99d2bfcc9368f9acd1efb2b9617"
-
-SRCREV_FORMAT = "spice_spice-common_spice-protocol"
-
-SRC_URI = "git://anongit.freedesktop.org/spice/spice;name=spice \
-
git://anongit.freedesktop.org/spice/spice-common;destsuffix=git/spice-common;name=spice-common
\
-
git://anongit.freedesktop.org/spice/spice-protocol;destsuffix=git/spice-common/spice-protocol;name=spice-protocol
\
- "
-
-SRC_URI += " \
- file://spice-fix-CVE-2013-4282.patch \
- file://configure.ac-add-subdir-objects-to-AM_INIT_AUTOMAKE.patch \
- file://build-allow-separated-src-and-build-dirs.patch \
- file://0001-red_parse_qxl-Fix-BITMAP_FMT_IS_RGB-defined-but-not-.patch
\
- file://0001-Use-PRI-macros-in-printf-to-keep-compatibility-betwe.patch
\
- file://Fix-build-issues-with-gcc-7.patch \
- file://CVE-2017-7506-1.patch \
- file://CVE-2017-7506-2.patch \
- file://CVE-2017-7506-3.patch \
- "
-
-S = "${WORKDIR}/git"
-
-inherit autotools gettext pythonnative python-dir pkgconfig
-
-DEPENDS += "python-native celt051 python-pyparsing jpeg pixman alsa-lib
glib-2.0"
-
-export PYTHON="${STAGING_BINDIR_NATIVE}/python-native/python"
-export PYTHONPATH="${PKG_CONFIG_SYSROOT_DIR}${libdir}/python2.7/site-packages"
-
-PACKAGECONFIG ?= "sasl"
-
-PACKAGECONFIG[smartcard] = "--enable-smartcard,--disable-smartcard,libcacard,"
-PACKAGECONFIG[sasl] = "--with-sasl,--without-sasl,cyrus-sasl,"
-PACKAGECONFIG[client] = "--enable-client,--disable-client,,"
-PACKAGECONFIG[gui] = "--enable-gui,--disable-gui,,"
-PACKAGECONFIG[opengl] = "--enable-opengl,--disable-opengl,,"
-PACKAGECONFIG[xinerama] = "--enable-xinerama,--disable-xinerama,libxinerama,"
-
-PACKAGES =+ "${PN}-protocol"
-LICENSE_${PN}-protocol = "BSD"
-FILES_${PN}-protocol += "${includedir}/spice-1"
-FILES_${PN}-protocol += "${datadir}/pkgconfig"
-
-do_configure_prepend() {
- mkdir -p ${S}/spice-common/spice-protocol/m4
-}
-
-do_install_append() {
- cd ${B}/spice-common/spice-protocol
- oe_runmake DESTDIR="${D}" install
- cd -
-}
-
-COMPATIBLE_HOST = '(x86_64|i.86).*-linux'