Commit Graph

69 Commits

Author SHA1 Message Date
Jan Grulich
d72fcf6bf9 Rebuild for updated xorg-x11-server
Resolves: RHEL-184004
2026-06-25 08:41:10 +02:00
Jan Grulich
1bd3cd64af Rebuild against updated xorg-x11-server
Fixes CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002,
      CVE-2026-34003 xorg-x11-server: various XKB and XSYNC
      vulnerabilities

Resolves: RHEL-163282
Resolves: RHEL-163268
Resolves: RHEL-163214
2026-04-28 09:15:21 +02:00
Jan Grulich
08b797e4ce Update to 1.16.2
Resolves: RHEL-154351
2026-04-09 11:07:35 +02:00
Jan Grulich
d815f4c4c9 Fix CVE-2025-62229: xorg-x11-server: Use-after-free in XPresentNotify structures creation
Resolves: RHEL-119989

Fix CVE-2025-62230: xorg-x11-server: Use-after-free in Xkb client resource removal
Resolves: RHEL-120009

Fix CVE-2025-62231: xorg-x11-server: Value overflow in Xkb extension XkbSetCompatMap()
Resolves: RHEL-120770
2025-11-04 13:49:30 +01:00
Jan Grulich
8e02c2f3a3 Fix CVE-2025-49175: xorg-x11-server: Out-of-Bounds Read in X Rendering Extension Animated Cursors
Resolves: RHEL-97284

Fix CVE-2025-49176: xorg-x11-server: Integer Overflow in Big Requests Extension
Resolves: RHEL-97303

Fix CVE-2025-49178: xorg-x11-server: Unprocessed Client Request Due to Bytes to Ignore
Resolves: RHEL-97379

Fix CVE-2025-49179: xorg-x11-server: Integer overflow in X Record extension
Resolves: RHEL-97414

Fix CVE-2025-49180: xorg-x11-server: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension
Resolves: RHEL-97429
2025-06-23 11:48:59 +02:00
Jan Grulich
cd2b821cf7 Fix broken authentication with x0vncserver
Resolves: RHEL-93573
2025-05-27 14:42:32 +02:00
Jan Grulich
b31462f4f4 Only warn about 8 characters limit, but let it still proceed
Resolves: RHEL-89432
2025-05-02 13:54:59 +02:00
Jan Grulich
56175741f2 Fix inetd mode not working
Resolves: RHEL-86511
2025-04-16 08:17:33 +02:00
Jan Grulich
8df6b161fe 1.15.0
Resolves: RHEL-78617

Add SELinux policy rules allowing to access /proc/sys/fs/nr_open
Resolves: RHEL-77973

Add SELinux policy rules allowing to create directories under /root
Resolves: RHEL-77975

Fix CVE-2025-26594 xorg-x11-server Use-after-free of the root cursor
Resolves: RHEL-80208

Fix CVE-2025-26595 xorg-x11-server Buffer overflow in XkbVModMaskText()
Resolves: RHEL-80189

Fix CVE-2025-26596 xorg-x11-server Heap overflow in XkbWriteKeySyms()
Resolves: RHEL-80194

Fix CVE-2025-26597 xorg-x11-server Buffer overflow in XkbChangeTypesOfKey()
Resolves: RHEL-80196

Fix CVE-2025-26598 xorg-x11-server Out-of-bounds write in CreatePointerBarrierClient()
Resolves: RHEL-80197

Fix CVE-2025-26599 xorg-x11-server Use of uninitialized pointer in compRedirectWindow()
Resolves: RHEL-80206

Fix CVE-2025-26600 xorg-x11-server Use-after-free in PlayReleasedEvents()
Resolves: RHEL-80205

Fix CVE-2025-26601 xorg-x11-server Use-after-free in SyncInitTrigger()
Resolves: RHEL-80209
2025-03-07 15:00:55 +01:00
Jan Grulich
70517c2cc7 Fix crash in clipboard support in x0vncserver
Resolves: RHEL-74216
2025-01-21 15:55:15 +01:00
Jan Grulich
2c870727a9 Add cliboard support to x0vncserver
Resolves: RHEL-74216
2025-01-16 14:01:54 +01:00
Jan Grulich
300dd6713e Fix CVE-2024-9632: xorg-x11-server: heap-based buffer overflow privilege escalation vulnerability
Resolves: RHEL-62001
2024-10-31 12:53:15 +01:00
Jan Grulich
56b503e143 1.14.1
Resolves: RHEL-45316
2024-10-23 09:41:36 +02:00
Jan Grulich
5e94ff7a40 Make "ApproveLoggedUserOnly" to ignore "closing" sessions
Resolves: RHEL-34880
2024-10-07 12:57:00 +02:00
Jan Grulich
5ae84e72f3 Fix "ApproveLoggedUserOnly" option not working in some setups
Resolves: RHEL-34880
2024-10-04 09:07:31 +02:00
Jan Grulich
8ed86c60ec Add option "ApproveLoggedUserOnly" allowing to connect only the user
owning the running session

Resolves: RHEL-34880
2024-09-27 15:56:00 +02:00
Jan Grulich
b3a7f8a95f Move old log to log.old if present (fix patch)
Resolves: RHEL-54294
2024-09-04 08:28:59 +02:00
Jan Grulich
ed0ea16f50 1.14.0
Resolves: RHEL-45316

Move old log to log.old if present
Resolves: RHEL-54294

Fix shared memory leak
Resolves: RHEL-55768
2024-09-02 10:42:20 +02:00
Jan Grulich
c27de8c289 vncsession: use /bin/sh if the user shell is not set
Resolves: RHEL-50679
2024-08-05 13:20:45 +02:00
Jan Grulich
45289fbdbc Revert "1.14.0"
This reverts commit 55f47bf052.

Rescheduled for RHEL 9.6.
2024-07-23 15:22:34 +02:00
Jan Grulich
55f47bf052 1.14.0
Resolves: RHEL-45316
2024-07-23 13:56:04 +02:00
Jan Grulich
f76f6574de vncconfig: add option to force view-only remote client connections
Resolves: RHEL-12144
2024-05-28 13:08:57 +02:00
Jan Grulich
d8901da547 Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
Resolves: RHEL-30756

Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs
Resolves: RHEL-30768

Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
Resolves: RHEL-30762
2024-04-16 10:56:46 +02:00
Jan Grulich
7654aeef3b Fix use after free related to CVE-2024-21886
Resolves: RHEL-20389

Fix copy/paste error in the DeviceStateNotify
Resolves: RHEL-20533
2024-02-07 13:32:14 +01:00
Jan Grulich
75082cdb91 Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
Resolves: RHEL-20389

Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
Resolves: RHEL-20383

Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
Resolves: RHEL-20533

Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
Resolves: RHEL-21213
2024-01-22 10:28:43 +01:00
Jan Grulich
5a6c55a071 Use dup() to get available file descriptor when using -inetd option
- missing version bump

Resolves: RHEL-19858
2024-01-08 15:09:49 +01:00
Jan Grulich
8f917ea514 Use dup() to get available file descriptor when using -inetd option
Resolves: RHEL-19858
2024-01-08 14:48:28 +01:00
Jan Grulich
49fe969620 Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
Resolves: RHEL-18414

Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
Resolves: RHEL-18426
2024-01-02 14:17:24 +01:00
Jan Grulich
71f9cb9382 Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
Resolves: RHEL-15237

Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
Resolves: RHEL-15249
2023-11-01 15:14:21 +01:00
Jan Grulich
ebd2a0d7a1 Support username alias in PlainUsers
Resolves: RHEL-8430
2023-10-09 11:38:33 +02:00
Jan Grulich
b1e183de26 xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability
Resolves: bz#2180310
2023-04-11 14:09:50 +02:00
Jan Grulich
c030084269 1.13.1
Resolves: bz#2175732
2023-03-21 10:51:23 +01:00
Jan Grulich
2549fd9a24 SELinux: allow vncsession create .vnc directory
Resolves: bz#2164703
2023-02-21 10:33:26 +01:00
Jan Grulich
b038a24d33 Add sanity check when cleaning up keymap changes
Resolves: bz#2169965
2023-02-15 11:36:32 +01:00
Jan Grulich
bce000f2ab xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation
- missing spec file changes
Resolves: bz#2167061
2023-02-06 13:16:49 +01:00
Jan Grulich
197138efeb xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation
Resolves: bz#2167061
2023-02-06 12:53:31 +01:00
Tomas Popela
86fc18d8b2 Rebuild for xorg-x11-server CVE-2022-46340 follow up fix
Resolves: CVE-2022-4283 (bz#2154234)
Resolves: CVE-2022-46340 (bz#2154221)
Resolves: CVE-2022-46341 (bz#2154224)
Resolves: CVE-2022-46342 (bz#2154226)
Resolves: CVE-2022-46343 (bz#2154228)
Resolves: CVE-2022-46344 (bz#2154230)
2022-12-20 09:45:14 +01:00
Jan Grulich
06ff78db63 Rebuild for xorg-x11-server CVEs
Resolves: CVE-2022-4283 (bz#2154234)
Resolves: CVE-2022-46340 (bz#2154221)
Resolves: CVE-2022-46341 (bz#2154224)
Resolves: CVE-2022-46342 (bz#2154226)
Resolves: CVE-2022-46343 (bz#2154228)
Resolves: CVE-2022-46344 (bz#2154230)
2022-12-16 11:24:16 +01:00
Jan Grulich
85b050c5d8 x0vncserver: add new keysym in case we don't find matching keycode
+ actually apply the patch

Resolves: bz#2119017
2022-12-01 12:37:19 +01:00
Jan Grulich
ead8165b2a x0vncserver: add new keysym in case we don't find matching keycode
Resolves: bz#2119017
2022-12-01 09:59:22 +01:00
Jan Grulich
d2b496f3dd x0vncserver: fix ghost cursor in zaphod mode (better version)
Resolves: bz#2119016
2022-10-24 12:07:14 +02:00
Jan Grulich
7a28c85f4d Add BR: libXdamage, libXfixes, libXrandr
Resolves: bz#2091833
2022-05-31 10:31:32 +02:00
Jan Grulich
77bb622463 Do not run systemd_preun on Xvnc service file
Resolves: bz#2048011
2022-04-05 09:13:56 +02:00
Jan Grulich
7c58eec745 Drop unexisting option from the old vncserver script
Resolves: bz#2021893
2022-04-04 12:53:28 +02:00
Jan Grulich
24a8d8f61c Update to 1.12.0 + sync with Fedora
Resolves: bz#2048011
Resolves: bz#2021893
2022-03-23 12:15:39 +01:00
Jan Grulich
da2608ff21 Added vncsession-restore script for SELinux policy migration
Fix SELinux context for root user

Resolves: bz#2049506
2022-02-15 10:22:02 +01:00
Jan Grulich
a8e93b65dd Fix yaml syntax in rpminspect.yaml 2021-12-16 14:45:01 +01:00
Jan Grulich
2c9c975b77 Add rpminspect.yaml to supress warnings about badfuncs and runpath checks 2021-12-16 12:21:54 +01:00
Jan Grulich
c791ae8793 Rebuild for absence in RHEL 9.0
Resolves: bz#1985858
2021-11-26 15:42:28 +01:00
Jan Grulich
cd4f8eba50 Sync upstream patches + drop unused patches
Resolves: bz#1985858
2021-08-16 08:26:59 +02:00