Overview
Request 664669 superseded
- Fix devel package dependencies
- security update
* CVE-2018-15126 [bsc#1120114]
+ LibVNCServer-CVE-2018-15126.patch
* CVE-2018-6307 [bsc#1120115]
+ LibVNCServer-CVE-2018-6307.patch
* CVE-2018-20020 [bsc#1120116]
+ LibVNCServer-CVE-2018-20020.patch
* CVE-2018-15127 [bsc#1120117]
+ LibVNCServer-CVE-2018-15127.patch
* CVE-2018-20019 [bsc#1120118]
+ LibVNCServer-CVE-2018-20019.patch
* CVE-2018-20023 [bsc#1120119]
+ LibVNCServer-CVE-2018-20023.patch
* CVE-2018-20022 [bsc#1120120]
+ LibVNCServer-CVE-2018-20022.patch
* CVE-2018-20024 [bsc#1120121]
+ LibVNCServer-CVE-2018-20024.patch
* CVE-2018-20021 [bsc#1120122]
+ LibVNCServer-CVE-2018-20021.patch
- Update to version 0.9.11
Overall changes:
LibVNCServer/LibVNCClient development now uses continous intregration,
provided by TravisCI.
LibVNCClient:
Now initializes libgcrypt before use if the application did not do it.
Fixes a crash when connection to Mac hosts
(#45).
Various fixes that result in more stable handling of malicious or broken
servers.
Removed broken and unmaintained H264 decoding.
Some documentation fixes.
Added hooks to WriteToTLS() for optional protection by mutex.
LibVNCServer:
Stability fixes for the WebSocket implementation.
Replaced SHA1 implementation with the one from RFC 6234.
The built-in HTTP server does not allow directory traversals anymore.
The built-in HTTP now sends correct MIME types for CSS and SVG.
Added support for systemd socket activation.
Made it possible to get autoPort behavior with either ipv4 or ipv6
disabled.
Fixed starting of an onHold-client in threaded mode.
- dropped patches:
- libvncserver-0.9.10-use-namespaced-rfbMax-macro.patch (upstreamed)
- libvncserver-byteswap.patch (stop maintaining not upstreamed patch)
- modified patches:
% libvncserver-0.9.10-ossl.patch (refreshed)
- Created by adamm
- In state superseded
- Supersedes 663313
- Superseded by 673320
- Open review for repo-checker
- Open review for factory-staging
Request History
adamm created request
- Fix devel package dependencies
- security update
* CVE-2018-15126 [bsc#1120114]
+ LibVNCServer-CVE-2018-15126.patch
* CVE-2018-6307 [bsc#1120115]
+ LibVNCServer-CVE-2018-6307.patch
* CVE-2018-20020 [bsc#1120116]
+ LibVNCServer-CVE-2018-20020.patch
* CVE-2018-15127 [bsc#1120117]
+ LibVNCServer-CVE-2018-15127.patch
* CVE-2018-20019 [bsc#1120118]
+ LibVNCServer-CVE-2018-20019.patch
* CVE-2018-20023 [bsc#1120119]
+ LibVNCServer-CVE-2018-20023.patch
* CVE-2018-20022 [bsc#1120120]
+ LibVNCServer-CVE-2018-20022.patch
* CVE-2018-20024 [bsc#1120121]
+ LibVNCServer-CVE-2018-20024.patch
* CVE-2018-20021 [bsc#1120122]
+ LibVNCServer-CVE-2018-20021.patch
- Update to version 0.9.11
Overall changes:
LibVNCServer/LibVNCClient development now uses continous intregration,
provided by TravisCI.
LibVNCClient:
Now initializes libgcrypt before use if the application did not do it.
Fixes a crash when connection to Mac hosts
(#45).
Various fixes that result in more stable handling of malicious or broken
servers.
Removed broken and unmaintained H264 decoding.
Some documentation fixes.
Added hooks to WriteToTLS() for optional protection by mutex.
LibVNCServer:
Stability fixes for the WebSocket implementation.
Replaced SHA1 implementation with the one from RFC 6234.
The built-in HTTP server does not allow directory traversals anymore.
The built-in HTTP now sends correct MIME types for CSS and SVG.
Added support for systemd socket activation.
Made it possible to get autoPort behavior with either ipv4 or ipv6
disabled.
Fixed starting of an onHold-client in threaded mode.
- dropped patches:
- libvncserver-0.9.10-use-namespaced-rfbMax-macro.patch (upstreamed)
- libvncserver-byteswap.patch (stop maintaining not upstreamed patch)
- modified patches:
% libvncserver-0.9.10-ossl.patch (refreshed)
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
staging-bot set openSUSE:Factory:Staging:E as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:E"
staging-bot accepted review
Picked openSUSE:Factory:Staging:E
jengelh accepted review
dimstar_suse accepted review
Removing from openSUSE:Factory:Staging:E, re-evaluation needed
dimstar_suse added factory-staging as a reviewer
Requesting new staging review
licensedigger accepted review
ok
superseded by 673320
CC @lwfinger
virtualbox has a hard requires on libvncserver0 - with libVnc being updated, this dependency is no longer met, which results in:
Can you please correct this in one of the upcoming submissions for virtualbox?
Waiting for virtualbox