Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libvncserver1 | Distribution: openSUSE Tumbleweed |
Version: 0.9.14 | Vendor: openSUSE |
Release: 1.3 | Build date: Sat Feb 10 00:19:25 2024 |
Group: System/Libraries | Build host: i01-armsrv1 |
Size: 362541 | Source RPM: LibVNCServer-0.9.14-1.3.src.rpm |
Packager: http://bugs.opensuse.org | |
Url: https://github.com/LibVNC/libvncserver | |
Summary: Library implementing a VNC server |
LibVNCServer/LibVNCClient are cross-platform C libraries that allow implementing VNC server or client functionality in your program.
GPL-2.0-or-later
* Fri Jun 23 2023 pgajdos@suse.com - version update to 0.9.14 [#]# Overall changes: * Added more documentation (build system integration, repeater setup) and a legal FAQ. * Added [contribution guidelines](CONTRIBUTING.md). * Ported the TravisCI continous integration machinery to GitHub workflows. [#]# LibVNCServer/LibVNCClient: * Added [qemu extended key event]. * Fixed several potential multiplication overflows. [#]# LibVNCClient: * Fixes of several memory leaks and buffer overflows. * Added UltraVNC's MSLogonII authentication scheme. * Fixed TLS interoperability with GnuTLS servers. * Fixed detection of newer UltraVNC and TightVNC servers. * Added support for [SetDesktopSize]. * Added SSH tunneling example using libssh2. * Added some extensions to VeNCrypt in order to be compatible with a wider range of servers. [#]# LibVNCServer: * Fixes to the multi-threaded server implementation which should be a lot more sound now. * Fixed TightVNC-filetransfer file upload for 64-bit systems. * Fixes of crashes in the zlib compression. * Added support for [UTF8 clipboard data]. * Fixed visual artifacts in framebuffer on ARM platforms. * Fixed several WebSockets bugs. * Fixed the UltraVNC-style repeater example. * Added support for larger framebuffers (two 4k screens possible now). * Added support for timeouts for outbound connections (to repeaters for instance). * Fixed out-of-bounds memory access in Tight encoding. - modified patches % 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch (refreshed) % 0002-libvncserver-Add-channel-security-handlers.patch (refreshed) - deleted patches - 0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch (upstreamed) - 0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch (upstreamed) - 0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch (upstreamed) - LibVNCServer-CVE-2020-29260.patch (upstreamed) * Thu Sep 08 2022 pgajdos@suse.com - security update - added patches fix CVE-2020-29260 [bsc#1203106], memory leakage via rfbClientCleanup() + LibVNCServer-CVE-2020-29260.patch * Fri Sep 17 2021 pgajdos@suse.com - purposedly adding just this changelog entry - previous version updates fixed also: * CVE-2020-14398 [bsc#1173880] -- improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c * CVE-2017-18922 [bsc#1173477] -- preauth buffer overwrite * CVE-2018-20748 [bsc#1123823] -- libvnc contains multiple heap out-of-bounds writes * CVE-2020-25708 [bsc#1178682] -- libvncserver/rfbserver.c has a divide by zero which could result in DoS * CVE-2018-21247 [bsc#1173874] -- uninitialized memory contents are vulnerable to Information leak * CVE-2018-20750 [bsc#1123832] -- heap out-of-bounds write vulnerability in libvncserver/rfbserver.c * CVE-2020-14397 [bsc#1173700] -- NULL pointer dereference in libvncserver/rfbregion.c * CVE-2019-20839 [bsc#1173875] -- buffer overflow in ConnectClientToUnixSock() * CVE-2020-14401 [bsc#1173694] -- potential integer overflows in libvncserver/scale.c * CVE-2020-14400 [bsc#1173691] -- Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. * CVE-2019-20840 [bsc#1173876] -- unaligned accesses in hybiReadAndDecode can lead to denial of service * CVE-2020-14399 [bsc#1173743] -- Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. * CVE-2020-14402 [bsc#1173701] -- out-of-bounds access via encodings. * CVE-2020-14403 [bsc#1173701] * CVE-2020-14404 [bsc#1173701] * Fri Jan 08 2021 Frederic Crozat <fcrozat@suse.com> - Add many patches needed for GNOME Remote desktop (already in Fedora): * TLS security type enablement patches gh#LibVNC/libvncserver!234 - 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch - 0002-libvncserver-Add-channel-security-handlers.patch - 0003-libvncserver-auth-don-t-keep-security-handlers-from-.patch * Fix crash on all runs after the first gh#LibVNC/libvncserver!444 rh#1882718 - 0004-zlib-Clear-buffer-pointers-on-cleanup-444.patch * Fix another crasher glgo#GNOME/gnome-remote-desktop#45 rh#1882718 - 0001-libvncserver-don-t-NULL-out-internal-of-the-default-.patch * Tue Jun 30 2020 pgajdos@suse.com - version update to 0.9.13 [bsc#1173477] [#]# Overall changes: * Small tweaks to the CMake build system. * The macOS server example was overhauled and is now the most feature-complete sample application of the project, ready for real-world use. * Lots of documentation updates and markdownifying. * The TravisCI continuous integration now also build-checks cross-compilation from Linux to Windows. * Setup a [Gitter community chat](https://gitter.im/LibVNC/libvncserver) for the project. [#]# LibVNCServer/LibVNCClient: * Both LibVNCServer and LibVNCClient now support an additional platform, namely Microsoft Windows. Building is supported with Visual Studio as well as MingGW. * The separate crypto routines used by LibVNCClient and LibVNCServer were refactored into an implementation common to both libraries. * Several security issues got fixed. * The bundled noVNC client is now at version 1.1.0 and included via a git submodule. [#]# LibVNCClient: * Added connect timeout as well as read timeout support thanks to Tobias Junghans. * Both TLS backends now do proper locking of network operations when multi-threaded thanks to Gaurav Ujjwal. * Fixed regression in Tight/Raw decoding introduced in 0.9.12 thanks to DRC. * Fixed encrypted connections to AnonTLS servers when using the OpenSSL back-end. Made possible by the profound research done by Gaurav Ujjwal. [#]# LibVNCServer: * Added a hooking function (`clientFramebufferUpdateRequestHook`) to deliver rfbFramebufferUpdateRequest messages from clients to the frame producer thanks to Jae Hyun Yoo. * Added SetDesktopSize/ExtendedDesktopSize support thanks to Floris Bos. * Added multi-threading support for MS Windows. * Fixed VNC repeater/proxy functionality that was broken in 0.9.12. * Fixed unstable WebSockets connections thanks to Sebastian Kranz. - deleted patches - LibVNCServer-CVE-2019-15681.patch (upstreamed) - LibVNCServer-CVE-2019-15690.patch (upstreamed) - LibVNCServer-CVE-2019-20788.patch (upstreamed) - avoid-pthread_join-if-backgroundLoop-is-FALSE.patch (upstreamed) - cmake-libdir.patch (upstreamed) - fix-crash-on-shutdown.patch (upstreamed) * Mon May 04 2020 pgajdos@suse.com - deleted patches - LibVNCServer-CVE-2018-20749.patch (mistakenly added, it is already part of 0.9.12) * Mon Apr 27 2020 pgajdos@suse.com - security update - added patches fix CVE-2019-15690 [bsc#1160471], heap buffer overflow + LibVNCServer-CVE-2019-15690.patch fix CVE-2019-20788 [bsc#1170441], integer overflow and heap-based buffer overflow via a large height or width value + LibVNCServer-CVE-2019-20788.patch * Fri Jan 10 2020 Fabian Vogt <fvogt@suse.com> - Add patches to fix crash on shutdown: * avoid-pthread_join-if-backgroundLoop-is-FALSE.patch * fix-crash-on-shutdown.patch * Mon Nov 04 2019 pgajdos@suse.com - turn the test suite on * Mon Nov 04 2019 pgajdos@suse.com - security update - added patches CVE-2019-15681 [bsc#1155419] + LibVNCServer-CVE-2019-15681.patch
/usr/lib64/libvncserver.so.0.9.14 /usr/lib64/libvncserver.so.1 /usr/share/doc/packages/libvncserver1 /usr/share/doc/packages/libvncserver1/COPYING /usr/share/doc/packages/libvncserver1/README.md
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Nov 14 00:43:26 2024