- version update to 0.9.14
  ## Overall changes: 
    * Added more documentation (build system integration, repeater setup) and a legal FAQ.
    * Added [contribution guidelines](CONTRIBUTING.md).
    * Ported the TravisCI continous integration machinery to GitHub workflows.
  ## LibVNCServer/LibVNCClient:
    * Added [qemu extended key event].
    * Fixed several potential multiplication overflows.
  ## LibVNCClient:
    * Fixes of several memory leaks and buffer overflows.
    * Added UltraVNC's MSLogonII authentication scheme.
    * Fixed TLS interoperability with GnuTLS servers.
    * Fixed detection of newer UltraVNC and TightVNC servers.
    * Added support for [SetDesktopSize].
    * Added SSH tunneling example using libssh2.
    * Added some extensions to VeNCrypt in order to be compatible with a wider range of servers.
  ## LibVNCServer:
    * Fixes to the multi-threaded server implementation which should be a lot more sound now.
    * Fixed TightVNC-filetransfer file upload for 64-bit systems.
    * Fixes of crashes in the zlib compression.
    * Added support for [UTF8 clipboard data].
    * Fixed visual artifacts in framebuffer on ARM platforms.
    * Fixed several WebSockets bugs.
    * Fixed the UltraVNC-style repeater example.
    * Added support for larger framebuffers (two 4k screens possible now).
    * Added support for timeouts for outbound connections (to repeaters for instance).
    * Fixed out-of-bounds memory access in Tight encoding.
- modified patches
  % 0001-libvncserver-Add-API-to-add-custom-I-O-entry-points.patch (refreshed)
  % 0002-libvncserver-Add-channel-security-handlers.patch (refreshed)

• Files Changed
• Browse Source

- security update
- added patches
  fix CVE-2020-29260 [bsc#1203106], memory leakage via rfbClientCleanup()
  + LibVNCServer-CVE-2020-29260.patch

• Files Changed
• Browse Source

- purposedly adding just this changelog entry
- previous version updates fixed also:
  * CVE-2020-14398 [bsc#1173880] -- improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c
  * CVE-2017-18922 [bsc#1173477] -- preauth buffer overwrite
  * CVE-2018-20748 [bsc#1123823] -- libvnc contains multiple heap out-of-bounds writes
  * CVE-2020-25708 [bsc#1178682] -- libvncserver/rfbserver.c has a divide by zero which could result in DoS
  * CVE-2018-21247 [bsc#1173874] -- uninitialized memory contents are vulnerable to Information leak
  * CVE-2018-20750 [bsc#1123832] -- heap out-of-bounds write vulnerability in libvncserver/rfbserver.c
  * CVE-2020-14397 [bsc#1173700] -- NULL pointer dereference in libvncserver/rfbregion.c
  * CVE-2019-20839 [bsc#1173875] -- buffer overflow in ConnectClientToUnixSock()
  * CVE-2020-14401 [bsc#1173694] -- potential integer overflows in libvncserver/scale.c
  * CVE-2020-14400 [bsc#1173691] -- Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c.
  * CVE-2019-20840 [bsc#1173876] -- unaligned accesses in hybiReadAndDecode can lead to denial of service
  * CVE-2020-14399 [bsc#1173743] -- Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c.
  * CVE-2020-14402 [bsc#1173701] -- out-of-bounds access via encodings.
  * CVE-2020-14403 [bsc#1173701]
  * CVE-2020-14404 [bsc#1173701]

• Files Changed
• Browse Source

drop unwanted patch (forwarded request 862813 from fcrozat)

• Files Changed
• Browse Source

- version update to 0.9.13 [bsc#1173477]
  ## Overall changes:
    * Small tweaks to the CMake build system.
    * The macOS server example was overhauled and is now the most feature-complete sample
          application of the project, ready for real-world use.
    * Lots of documentation updates and markdownifying.
    * The TravisCI continuous integration now also build-checks cross-compilation from
          Linux to Windows.
    * Setup a [Gitter community chat](https://gitter.im/LibVNC/libvncserver) for the project.
  ## LibVNCServer/LibVNCClient:
    * Both LibVNCServer and LibVNCClient now support an additional platform, namely
          Microsoft Windows. Building is supported with Visual Studio as well as MingGW.
    * The separate crypto routines used by LibVNCClient and LibVNCServer were refactored
          into an implementation common to both libraries.
    * Several security issues got fixed.
    * The bundled noVNC client is now at version 1.1.0 and included via a git submodule.
  ## LibVNCClient:
    * Added connect timeout as well as read timeout support thanks to Tobias Junghans.
    * Both TLS backends now do proper locking of network operations when multi-threaded
      thanks to Gaurav Ujjwal.
    * Fixed regression in Tight/Raw decoding introduced in 0.9.12 thanks to DRC.
    * Fixed encrypted connections to AnonTLS servers when using the OpenSSL back-end.
          Made possible by the profound research done by Gaurav Ujjwal.
  ## LibVNCServer:
    * Added a hooking function (`clientFramebufferUpdateRequestHook`) to deliver
          rfbFramebufferUpdateRequest messages from clients to the frame producer
          thanks to Jae Hyun Yoo.
    * Added SetDesktopSize/ExtendedDesktopSize support thanks to Floris Bos.
    * Added multi-threading support for MS Windows.
    * Fixed VNC repeater/proxy functionality that was broken in 0.9.12.

• Files Changed
• Browse Source

- deleted patches
  - LibVNCServer-CVE-2018-20749.patch (mistakenly added, it is
    already part of 0.9.12)

• Files Changed
• Browse Source

- security update
- added patches
  fix CVE-2019-15690 [bsc#1160471], heap buffer overflow
  + LibVNCServer-CVE-2019-15690.patch
  fix CVE-2019-20788 [bsc#1170441], integer overflow and heap-based buffer overflow via a large height or width value
  + LibVNCServer-CVE-2019-20788.patch

• Files Changed
• Browse Source

- Add patches to fix crash on shutdown:
  * avoid-pthread_join-if-backgroundLoop-is-FALSE.patch
  * fix-crash-on-shutdown.patch (forwarded request 762623 from favogt)

• Files Changed
• Browse Source

- turn the test suite on

- security update
- added patches
  CVE-2019-15681 [bsc#1155419]
  + LibVNCServer-CVE-2019-15681.patch

• Files Changed
• Browse Source

- Add BuildRequire libgnutls-devel: Remmina needs it for VNC
  connections (boo#1123805) (forwarded request 679156 from zhangxiaofei)

• Files Changed
• Browse Source

• Files Changed
• Browse Source

1

• Files Changed
• Browse Source

1

• Files Changed
• Browse Source

- Update to version 0.9.10
  + Moved the whole project from sourceforge to https://libvnc.github.io/.
  + Cleaned out the autotools build system which now uses autoreconf.
  + Updated noVNC HTML5 client to latest version.
  + Split out x11vnc sources into separate repository at
    https://github.com/LibVNC/x11vnc
  + Split out vncterm sources into separate repository at
    https://github.com/LibVNC/vncterm
  + Split out VisualNaCro sources into separate repository at
    https://github.com/LibVNC/VisualNaCro
  + Merged Debian patches.
  + Fixed some security-related buffer overflow cases.
  + Added compatibility headers to make LibVNCServer/LibVNCClient
    build on native Windows 8.
  + Update LZO to version 2.07, fixing CVE-2014-4607.
  + Merged patches from KDE/krfb.
  + Can now do IPv6 without IPv4.
  + Fixed a use-after-free issue in scale.c.
- Update Url and download source to new project home
- Remove LibVNCServer-0.9.9-no_x11vnc.patch; upstream splited it
  out of main tarball
- Rebase libvncserver-ossl.patch to upstream changes
  > libvncserver-0.9.10-ossl.patch
- Remove linuxvnc subpackage; like x11vnc, it has been splited out
  but is depreciated and unmaintained.

• Files Changed
• Browse Source

1

• Files Changed
• Browse Source

Split 13.2 from Factory

• Files Changed
• Browse Source

- remove old .bz2 file

• Files Changed
• Browse Source

Split 13.1 from Factory

• Files Changed
• Browse Source

- Add Url to Source section in spec file (forwarded request 159783 from m_meister)

• Files Changed
• Browse Source

Split 12.3 from Factory

• Files Changed
• Browse Source