Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
tigervnc.16718
tigervnc.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tigervnc.changes of Package tigervnc.16718
------------------------------------------------------------------- Fri Sep 25 19:25:52 UTC 2020 - Stefan Dirsch <sndirsch@suse.com> - CVE-2020-26117: Server certificates were stored as certiticate authoritied, allowing malicious owners of these certificates to impersonate any server after a client had added an exception (boo#1176733) * U_0001-Properly-store-certificate-exceptions.patch, U_0002-Properly-store-certificate-exceptions-in-Java-viewer.patch * Properly store certificate exceptions (boo#1176733) * U_Move-UserPasswordGetter-out-of-CConn.patch * needed for applying U_0002-Properly-store-certificate-exceptions-in-Java-viewer.patch - adjusted u_tigervnc-add-autoaccept-parameter.patch and applying it last ------------------------------------------------------------------- Wed Jan 8 16:11:49 UTC 2020 - Stefan Dirsch <sndirsch@suse.com> - TigerVNC security fix: 0001-Make-ZlibInStream-more-robust-against-failures.patch 0002-Encapsulate-PixelBuffer-internal-details.patch 0003-Restrict-PixelBuffer-dimensions-to-safe-values.patch 0004-Add-write-protection-to-OffsetPixelBuffer.patch 0005-Handle-empty-Tight-gradient-rects.patch 0006-Add-unit-test-for-PixelFormat-sanity-checks.patch 0007-Fix-depth-sanity-test-in-PixelFormat.patch 0008-Add-sanity-checks-for-PixelFormat-shift-values.patch 0009-Remove-unused-FixedMemOutStream.patch 0010-Use-size_t-for-lengths-in-stream-objects.patch 0011-Be-defensive-about-overflows-in-stream-objects.patch 0012-Add-unit-tests-for-PixelFormat.is888-detection.patch 0013-Handle-pixel-formats-with-odd-shift-values.patch * stack use-after-return due to incorrect usage of stack memory in ZRLEDecoder (CVE-2019-15691, bsc#1159856) * improper value checks in CopyRectDecode may lead to heap buffer overflow (CVE-2019-15692, bsc#1160250) * heap buffer overflow in TightDecoder::FilterGradient (CVE-2019-15693, bsc#1159858) * improper error handling in processing MemOutStream may lead to heap buffer overflow (CVE-2019-15694, bsc#1160251 * stack buffer overflow, which could be triggered from CMsgReader::readSetCurso (CVE-2019-15695, bsc#1159860) ------------------------------------------------------------------- Wed Sep 19 01:23:05 UTC 2018 - Jason Sikes <jsikes@suse.de> - Changed "openssl" requirement to "openssl(cli)" * (bsc#1101470) ------------------------------------------------------------------- Mon Aug 6 12:04:52 UTC 2018 - msrb@suse.com - Add xvnc.target to fix xvnc-novnc.service's dependency. (bnc#1103552) ------------------------------------------------------------------- Wed Jun 6 13:51:28 UTC 2018 - msrb@suse.com - U_vncviewer-Fix-fullscreen-scrolling.patch, U_vncviewer-Fix-scrollbar-visibility.patch * Fix scrolling in vncviewer. (boo#1095664) ------------------------------------------------------------------- Tue Apr 24 09:16:59 UTC 2018 - msrb@suse.com - Reload firewalld files after installation. ------------------------------------------------------------------- Wed Apr 11 09:48:51 UTC 2018 - jengelh@inai.de - Limit feature description to openSUSE. Ensure neutrality of description. ------------------------------------------------------------------- Wed Apr 11 08:12:52 UTC 2018 - msrb@suse.com - Add u_change-button-layout-in-ServerDialog.patch * To fit strings in languages with longer words... (bnc#1084865) - Refresh n_tigervnc-date-time.patch * Completely hide the build time (bnc#1082968) ------------------------------------------------------------------- Thu Mar 22 14:27:28 UTC 2018 - msrb@suse.com - Enable xvnc.socket if upgraded from previous installation that had VNC enabled in xinetd configuration. (bnc#1085974) - Subpackage xorg-x11-Xvnc must also obsolete tightvnc. ------------------------------------------------------------------- Wed Feb 28 12:19:52 UTC 2018 - msrb@suse.com - Replace SuSEFirewall2 by firewalld. (bnc#1081952) ------------------------------------------------------------------- Mon Dec 18 16:44:20 UTC 2017 - dimstar@opensuse.org - Do not mess with /usr/lib*64)?/debug: this is RPM's playground for debuginfo packages. ------------------------------------------------------------------- Mon Dec 18 14:56:17 UTC 2017 - fstrba@suse.com - Added patch: * tigervnc-1.8.0-nowindows.patch + Remove Windows code that is removed from jdk10 ------------------------------------------------------------------- Tue Dec 12 13:15:25 UTC 2017 - msrb@suse.com - Depend on pkgconfig's gl, egl and gbm instead of Mesa-devel. * Those dependencies are what the underlying X server really needs. Mesa-devel is too general and is a bottleneck in distribution build. (bnc#1071297) ------------------------------------------------------------------- Tue Sep 26 11:53:23 UTC 2017 - msrb@suse.com - u_Unset-pixel-buffer-when-x0vncserver-client-disconnect.patch * Fixes crash in x0vncserver after client disconnects. (bnc#1058587) ------------------------------------------------------------------- Mon Sep 25 08:36:07 UTC 2017 - msrb@suse.com - Add tigervnc-x11vnc wrapper for x0vncserver that replaces x11vnc. (fate#323207) - Replace java applet with novnc as web-based VNC viewer. (fate#323880) - Convert xinetd services to systemd socket activated services. (bnc#1058460) ------------------------------------------------------------------- Mon Sep 11 14:12:30 UTC 2017 - fstrba@suse.com - Specify java source and target level 1.6 in order to be able to build with jdk9 ------------------------------------------------------------------- Fri Aug 11 08:59:54 UTC 2017 - msrb@suse.com - Disable MIT-SHM extension when running under vnc user. (bnc#1053373) ------------------------------------------------------------------- Thu Jul 20 07:49:41 UTC 2017 - msrb@suse.com - U_allow_multiple_certs_with_same_dn_in_saved_certs_file.patch, U_handle_certificate_verification_for_saved_certs_correctly.patch * Fix certificate handling in the java client. (bnc#1041847) - Refresh u_tigervnc-add-autoaccept-parameter.patch and apply it last. - Make sure CN in generated certificate doesn't exceed 64 characters. (bnc#1041847) ------------------------------------------------------------------- Fri Jul 7 08:06:00 UTC 2017 - msrb@suse.com - Change with-vnc-key.sh to generate TLS certificate using current hostname. (bnc#1041847) ------------------------------------------------------------------- Fri Jun 9 11:03:23 UTC 2017 - tchvatal@suse.com - Require java-deve >= 1.6.0 to avoid bootstrap fail ------------------------------------------------------------------- Fri Jun 2 10:02:06 UTC 2017 - meissner@suse.com - removed unneeded -fPIC flags for CFLAGS, these made it avoid PIE support. ------------------------------------------------------------------- Wed May 31 11:33:52 UTC 2017 - msrb@suse.com - Update to tigervnc 1.8.0 * Overhaul of the Java client to match the look and behaviour of the native client * Initial work for multi-threaded decoding in the Java client * vncconfig no longer needed for clipboard with Xvnc/libvnc.so * vncserver has system wide config support * Full support for alpha cursors in Xvnc/libvnc.so and both viewers - Removed patches: * U_Add-xorg-xserver-1.19-support.patch * U_tigervnc-fix-inetd-not-working-with-xserver-1-19.patch * U_tigervnc-better-check-for-screen-visibility.patch ------------------------------------------------------------------- Mon Apr 10 14:24:51 UTC 2017 - msrb@suse.com - U_tigervnc-better-check-for-screen-visibility.patch * Crop operations to visible screen. (bnc#1032272) ------------------------------------------------------------------- Thu Mar 2 14:19:27 UTC 2017 - msrb@suse.com - Readd index.vnc. (bnc#1026833) ------------------------------------------------------------------- Mon Feb 20 17:43:56 UTC 2017 - msrb@suse.com - U_tigervnc-fix-inetd-not-working-with-xserver-1-19.patch * Fixes inetd mode with x server 1.19 (bnc#1025759) ------------------------------------------------------------------- Wed Jan 25 14:52:21 UTC 2017 - msrb@suse.com - Update to tigervnc 1.7.1. * This is a security update for TigerVNC 1.7.0 which fixes a memory overflow issue via the RRE decoder. A malicious server could possibly use this issue to take control of the TigerVNC viewer. ------------------------------------------------------------------- Wed Nov 30 17:15:40 UTC 2016 - sndirsch@suse.com - U_Add-xorg-xserver-1.19-support.patch * Add xorg-xserver 1.19 support ------------------------------------------------------------------- Tue Sep 13 14:10:08 UTC 2016 - msrb@suse.com - Update to tigervnc 1.7.0. * Multi-threaded decoder in the FLTK viewer * Improved SSH integration in the Java viewer * Fine grained lock down of Xvnc parameters * Compatibility with Xorg 1.18 * Lots of packaging fixes * Better compatibility with Vino, both in the FLTK and Java viewer - Removed patches: * U_add_allowoverride_parameter.patch * U_include-vencrypt-only-if-any-subtype-present.patch * U_tigervnc_clear_up_zlibinstream_reset_behaviour.patch * u_xserver118.patch ------------------------------------------------------------------- Mon Aug 8 20:05:19 UTC 2016 - eich@suse.com - Adding a generic 'windowmanager' requires which will be satisfied by any package providing 'windowmanager': Requires: windowmanager (boo#981663). ------------------------------------------------------------------- Thu Jun 16 13:17:15 UTC 2016 - msrb@suse.com - Generate VNC key and certificate on first use, not during installation. (bnc#982349) ------------------------------------------------------------------- Mon Jun 13 15:21:19 UTC 2016 - msrb@suse.com - Add U_tigervnc_clear_up_zlibinstream_reset_behaviour.patch * Fix zlib stream reset in tight encoding. (bnc#963417) ------------------------------------------------------------------- Tue May 24 12:46:07 UTC 2016 - msrb@suse.com - Add /etc/pam.d/vnc configuration and add vnc user to shadow group. (bnc#980326) - Add dependency on fltk-devel version >= 1.3.3. ------------------------------------------------------------------- Fri Apr 29 14:13:22 UTC 2016 - msrb@suse.com - Add U_add_allowoverride_parameter.patch and u_build_libXvnc_as_separate_library.patch (fate#319319) - Add u_tigervnc-show-unencrypted-warning.patch (fate#319701) ------------------------------------------------------------------- Wed Apr 27 10:34:05 UTC 2016 - msrb@suse.com - Add dependency on xorg-x11-fonts-core. (bnc#977019) ------------------------------------------------------------------- Tue Jan 12 12:14:27 UTC 2016 - msrb@suse.com - Updated to tigervnc 1.6.0. - Removed patches: * N_tigervnc_revert_fltk_1_3_3_requirements.patch * U_tigervnc-fix-reversed-logic-in-vncIsTCPPortUsed.patch * u_tigervnc-display-SHA-1-fingerprint-of-untrusted-certificate.patch * u_tigervnc-use-default-trust-manager-in-java-viewer-if-custom.patch * u_tigervnc-use_preferred_mode.patch * u_tigervnc-vncserver-clean-pid-files.patch - Updated patches: * n_tigervnc-date-time.patch * u_tigervnc-add-autoaccept-parameter.patch * u_tigervnc_update_default_vncxstartup.patch ------------------------------------------------------------------- Wed Dec 16 14:25:35 UTC 2015 - msrb@suse.com - u_tigervnc_update_default_vncxstartup.patch * Update default VNC xstartup script. - Add dependency on xinit and icewm. (bnc#956537) ------------------------------------------------------------------- Thu Nov 12 12:51:31 UTC 2015 - msrb@suse.com - u_xserver118.patch * Build with xserver 1.18.0. ------------------------------------------------------------------- Thu Oct 1 23:16:52 UTC 2015 - msrb@suse.com - u_tigervnc-vncserver-clean-pid-files.patch * vncserver: Clean pid files of dead processes. (bnc#948392) ------------------------------------------------------------------- Sun Sep 13 14:57:35 UTC 2015 - msrb@suse.com - U_tigervnc-fix-reversed-logic-in-vncIsTCPPortUsed.patch * Fixes Xvnc with -inetd parameter. (bnc#945600) ------------------------------------------------------------------- Thu Aug 27 14:14:46 UTC 2015 - hguo@suse.com - VNC server cannot run without xauth and xkbcomp, therefore introduce these dependencies. ------------------------------------------------------------------- Tue Aug 25 15:14:04 UTC 2015 - msrb@suse.com - Remove commented out DefaultDepth 16 from 10-libvnc.conf file. Using 16 bit depth can cause troubles and does not have any positives anymore, so lets not suggest it to users. (bnc#942982) ------------------------------------------------------------------- Fri Jul 31 13:48:16 UTC 2015 - dimstar@opensuse.org - Add /usr/sbin/groupadd and /usr/sbin/useradd Requires(post) to xorg-x11-Xvnc: the scripts are creating users/groups. ------------------------------------------------------------------- Wed Jul 15 11:52:02 UTC 2015 - msrb@suse.com - Updated to tigervnc 1.5.0. - Dropped no longer needed patches: * tigervnc-sf3495623.patch * u_syslog.patch * u_tigervnc-build-with-xserver-1.17.patch * tigervnc-gnutls-3.4-required.patch * u_tigervnc-dont-send-ascii-control-characters.patch * u_terminate_instead_of_ignoring_restart.patch - Dropped no longer needed index.vnc. - Use encryption everywhere. (fate#318936) * u_tigervnc-display-SHA-1-fingerprint-of-untrusted-certificate.patch * u_tigervnc-use-default-trust-manager-in-java-viewer-if-custom.patch * u_tigervnc-add-autoaccept-parameter.patch - Work with fltk 1.3.2. * N_tigervnc_revert_fltk_1_3_3_requirements.patch ------------------------------------------------------------------- Thu May 28 02:10:46 CEST 2015 - ro@suse.de - add buildrequires for xf86driproto and presentproto to match xserver - disable dri2 on s390/s390x ------------------------------------------------------------------- Mon Apr 20 12:10:10 UTC 2015 - msrb@suse.com - u_syslog.patch, vnc.xinetd * Add logging to syslog. ------------------------------------------------------------------- Wed Apr 15 10:39:07 UTC 2015 - dimstar@opensuse.org - Add tigervnc-gnutls-3.4-required.patch: raise gnutls dependency to 3.2. Simplifies code, but makes it build with gnutls 3.4. Patch taken from Arch. ------------------------------------------------------------------- Tue Apr 14 08:53:09 UTC 2015 - meissner@suse.com - Updated to tigervnc 1.4.3 * Upstream patches applied to the underlying Xorg code base to mitigate CVE-2015-0255 / bsc#915810. * Fixes for performance regressions introduced in 1.4.0. * Character encoding of clipboard text send by Java viewer now strictly adheres to the RFB specification. ------------------------------------------------------------------- Wed Apr 1 12:44:09 UTC 2015 - msrb@suse.com - u_terminate_instead_of_ignoring_restart.patch * Terminate instead of ignoring restart. (bnc#920969) ------------------------------------------------------------------- Tue Feb 24 13:00:22 UTC 2015 - msrb@suse.com - Fix build against X server 1.17.x. * u_tigervnc-build-with-xserver-1.17.patch ------------------------------------------------------------------- Thu Feb 5 13:39:04 UTC 2015 - msrb@suse.com - Use xserver sources from xorg-x11-server-source. - Drop no longer needed patches: * N_xorg-server-xdmcp.patch * n_tigervnc-dont-build-gtf.patch ------------------------------------------------------------------- Fri Jan 9 12:50:45 UTC 2015 - msrb@suse.com - Update to tigervnc 1.4.1 on xorg-server 1.16.1. - Drop upstreamed or obsolete patches: tigervnc-sf3492352.diff u_aarch64-support.patch u_tigervnc-check-shm-harder.patch u_arch-Fix-image-and-bitmap-byte-order-for-ppc64le.patch u_tigervnc-1.3.0-fix-use-after-free.patch tigervnc-1.2.80-fix-int-to-pointer.patch ------------------------------------------------------------------- Sun Nov 16 09:33:04 UTC 2014 - oscar@naiandei.net - add -fPIC to CFLAGS and CXXFLAGS to compile correctly on armv7l ------------------------------------------------------------------- Thu Oct 30 13:33:27 UTC 2014 - msrb@suse.com - u_tigervnc-cve-2014-8240.patch * Prevent potentially dangerous integer overflow. (bnc#900896 CVE-2014-8240) ------------------------------------------------------------------- Mon Oct 13 11:51:03 UTC 2014 - msrb@suse.com - u_tigervnc-use_preferred_mode.patch * Mark user chosen resolution as preferred. (bnc#896540) ------------------------------------------------------------------- Mon Aug 18 13:58:30 UTC 2014 - sndirsch@suse.com - use update-alternatives only on openSUSE > 13.1 ------------------------------------------------------------------- Mon Aug 18 11:07:09 UTC 2014 - msrb@suse.com - u_tigervnc-check-shm-harder.patch * Check if SHM really works before deciding to use it. (bnc#890580) ------------------------------------------------------------------- Mon Aug 4 10:37:08 UTC 2014 - msrb@suse.com - U_include-vencrypt-only-if-any-subtype-present.patch * Do not automatically offer VeNCrypt security if none of it's subtypes is selected. (bnc#889781) ------------------------------------------------------------------- Wed Jun 4 11:39:54 UTC 2014 - msrb@suse.com - Fix some errors reported by rpmlint. ------------------------------------------------------------------- Thu May 29 03:37:30 UTC 2014 - crrodriguez@opensuse.org - n_tigervnc-date-time.patch package republishes everyday and gets on my nerves, this is because the binaries contain hardcoded timestamps, avoid that. - export CXXFLAGS and CFLAGS before building ttigervnc otherwise it gets built without optimization. - Make build verbose so it rpmlint catches errors like the above ones. ------------------------------------------------------------------- Wed May 28 14:54:02 UTC 2014 - msrb@suse.com - Use update-alternatives. ------------------------------------------------------------------- Tue May 20 13:55:30 UTC 2014 - msrb@suse.com - u_tigervnc-ignore-epipe-on-write.patch * Do not display error message because of EPIPE on write. (bnc#864676) ------------------------------------------------------------------- Fri May 16 13:52:19 UTC 2014 - msrb@suse.com - Update to version 1.3.1 * Security release (CVE-2014-0011). ------------------------------------------------------------------- Mon Apr 28 01:00:39 UTC 2014 - sndirsch@suse.com - added missing pkgconfig(xorg-macros) >= 1.14 ------------------------------------------------------------------- Sat Apr 26 12:04:30 UTC 2014 - sndirsch@suse.com - xorg-x11-Xvnc: require xkeyboard-config (bnc#875329) ------------------------------------------------------------------- Fri Apr 25 11:55:11 UTC 2014 - msrb@suse.com - vnc.xinetd * Do not use 16 bpp by default anymore. The network trafic gain of 16 bpp together with Tight encoding is arguable. 16 bpp causes graphical issues and is known to not work properly in Mesa. (bnc#871965) ------------------------------------------------------------------- Mon Mar 17 13:47:18 UTC 2014 - msrb@suse.com - Update HTML page that serves vnc client applet. (bnc#867273) - u_tigervnc-dont-send-ascii-control-characters.patch * Send CTRL+[A-Z] combinations instead of ascii control characters. (bnc#864666) ------------------------------------------------------------------- Mon Feb 24 14:42:50 UTC 2014 - msrb@suse.com - u_arch-Fix-image-and-bitmap-byte-order-for-ppc64le.patch: arch: Fix image and bitmap byte order for ppc64le (bnc#865069) ------------------------------------------------------------------- Thu Feb 13 14:29:47 UTC 2014 - msrb@suse.com - Readd vncpasswd.arg for compatibility with installation system and potentially another users. (bnc#855246) ------------------------------------------------------------------- Fri Feb 7 14:52:02 UTC 2014 - msrb@suse.com - Drop tigervnc-sf3492503.diff, tigervnc-sf3495623.diff and tigervnc-sf3495623.patch.old (not used and not needed). - Update tigervnc-sf3492352.diff and tigervnc-sf3495623.patch. ------------------------------------------------------------------- Fri Jan 10 15:11:50 UTC 2014 - sndirsch@suse.com - do not include vnc Xserver module and xorg.conf snippet on s390x ------------------------------------------------------------------- Thu Jan 9 11:40:13 UTC 2014 - msrb@suse.com - Remove unnecessary BuildRequires for binutils-gold. ------------------------------------------------------------------- Mon Dec 16 14:51:48 UTC 2013 - msrb@suse.com - Exclude xorg-server-1.13.0/hw/xfree86/modes/xf86gtf.c and xorg-server-1.13.0/hw/xfree86/utils/gtf/gtf.c from xserver sources. (bnc#855566) - n_tigervnc-dont-build-gtf.patch * Fix build with gtf files excluded. (bnc#855566) ------------------------------------------------------------------- Tue Dec 3 14:34:56 UTC 2013 - msrb@suse.com - tigervnc-clean-pressed-key-on-exit.patch * Send release events for pressed keys after X I/O error. (bnc#670448) ------------------------------------------------------------------- Mon Nov 18 14:05:44 UTC 2013 - msrb@suse.com - Update to 1.3.0. - Build xorg-x11-Xvnc package from this sources. ------------------------------------------------------------------- Wed Sep 19 08:08:53 UTC 2012 - werner@suse.de - Make it build with latest TeXLive 2012 and use pdf engine ------------------------------------------------------------------- Wed Mar 21 23:30:32 UTC 2012 - jengelh@medozas.de - Add missing tarball - Parallel build with %_smp_mflags - Remove redundant sections ------------------------------------------------------------------- Fri Feb 24 20:47:33 UTC 2012 - giecrilj@stegny.2a.pl - bump to 1.1 (current stable) - add documentation (bnc#748504) - build dynamic server - eliminate gethostbyname, patch submitted upstream - incidental clean-up ------------------------------------------------------------------- Wed Feb 9 15:07:34 UTC 2011 - sndirsch@novell.com - added jpeg-devel to BuildRequires ------------------------------------------------------------------- Wed Feb 9 14:00:16 UTC 2011 - sndirsch@novell.com - use system jpeg for building - fixed xkb path - added more reasonable options for Xvfb building ------------------------------------------------------------------- Wed Feb 9 08:57:06 UTC 2011 - sndirsch@novell.com - added Reinhard's xdmcp fix (bnc #625593) ------------------------------------------------------------------- Wed Feb 9 08:50:10 UTC 2011 - sndirsch@novell.com - TigerVNC build * fix fontpatch * cleanup ------------------------------------------------------------------- Wed Feb 9 04:41:24 UTC 2011 - sndirsch@novell.com - build Xvnc of TigerVNC project when %tigervnc is set; make this the default for now ------------------------------------------------------------------- Tue Feb 8 17:00:32 UTC 2011 - sndirsch@novell.com - latest version of Perl script ------------------------------------------------------------------- Thu Feb 3 17:41:02 UTC 2011 - sndirsch@novell.com - renamed package from xorg-x11-Xvnc-ng to xorg-x11-Xvnc ------------------------------------------------------------------- Thu Feb 3 17:26:04 UTC 2011 - sndirsch@novell.com - rewritten wrapper script in Perl ------------------------------------------------------------------- Wed Jan 26 10:07:10 UTC 2011 - sndirsch@novell.com - added services file for SuSEfirewall2 ------------------------------------------------------------------- Wed Jan 26 00:43:01 UTC 2011 - sndirsch@novell.com - created package
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor