Jan Grulich
d72fcf6bf9
Rebuild for updated xorg-x11-server
...
Resolves: RHEL-184004
2026-06-25 08:41:10 +02:00
Jan Grulich
1bd3cd64af
Rebuild against updated xorg-x11-server
...
Fixes CVE-2026-33999, CVE-2026-34000, CVE-2026-34001, CVE-2026-34002,
CVE-2026-34003 xorg-x11-server: various XKB and XSYNC
vulnerabilities
Resolves: RHEL-163282
Resolves: RHEL-163268
Resolves: RHEL-163214
2026-04-28 09:15:21 +02:00
Jan Grulich
08b797e4ce
Update to 1.16.2
...
Resolves: RHEL-154351
2026-04-09 11:07:35 +02:00
Jan Grulich
d815f4c4c9
Fix CVE-2025-62229: xorg-x11-server: Use-after-free in XPresentNotify structures creation
...
Resolves: RHEL-119989
Fix CVE-2025-62230: xorg-x11-server: Use-after-free in Xkb client resource removal
Resolves: RHEL-120009
Fix CVE-2025-62231: xorg-x11-server: Value overflow in Xkb extension XkbSetCompatMap()
Resolves: RHEL-120770
2025-11-04 13:49:30 +01:00
Jan Grulich
8e02c2f3a3
Fix CVE-2025-49175: xorg-x11-server: Out-of-Bounds Read in X Rendering Extension Animated Cursors
...
Resolves: RHEL-97284
Fix CVE-2025-49176: xorg-x11-server: Integer Overflow in Big Requests Extension
Resolves: RHEL-97303
Fix CVE-2025-49178: xorg-x11-server: Unprocessed Client Request Due to Bytes to Ignore
Resolves: RHEL-97379
Fix CVE-2025-49179: xorg-x11-server: Integer overflow in X Record extension
Resolves: RHEL-97414
Fix CVE-2025-49180: xorg-x11-server: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension
Resolves: RHEL-97429
2025-06-23 11:48:59 +02:00
Jan Grulich
cd2b821cf7
Fix broken authentication with x0vncserver
...
Resolves: RHEL-93573
2025-05-27 14:42:32 +02:00
Jan Grulich
b31462f4f4
Only warn about 8 characters limit, but let it still proceed
...
Resolves: RHEL-89432
2025-05-02 13:54:59 +02:00
Jan Grulich
56175741f2
Fix inetd mode not working
...
Resolves: RHEL-86511
2025-04-16 08:17:33 +02:00
Jan Grulich
8df6b161fe
1.15.0
...
Resolves: RHEL-78617
Add SELinux policy rules allowing to access /proc/sys/fs/nr_open
Resolves: RHEL-77973
Add SELinux policy rules allowing to create directories under /root
Resolves: RHEL-77975
Fix CVE-2025-26594 xorg-x11-server Use-after-free of the root cursor
Resolves: RHEL-80208
Fix CVE-2025-26595 xorg-x11-server Buffer overflow in XkbVModMaskText()
Resolves: RHEL-80189
Fix CVE-2025-26596 xorg-x11-server Heap overflow in XkbWriteKeySyms()
Resolves: RHEL-80194
Fix CVE-2025-26597 xorg-x11-server Buffer overflow in XkbChangeTypesOfKey()
Resolves: RHEL-80196
Fix CVE-2025-26598 xorg-x11-server Out-of-bounds write in CreatePointerBarrierClient()
Resolves: RHEL-80197
Fix CVE-2025-26599 xorg-x11-server Use of uninitialized pointer in compRedirectWindow()
Resolves: RHEL-80206
Fix CVE-2025-26600 xorg-x11-server Use-after-free in PlayReleasedEvents()
Resolves: RHEL-80205
Fix CVE-2025-26601 xorg-x11-server Use-after-free in SyncInitTrigger()
Resolves: RHEL-80209
2025-03-07 15:00:55 +01:00
Jan Grulich
70517c2cc7
Fix crash in clipboard support in x0vncserver
...
Resolves: RHEL-74216
2025-01-21 15:55:15 +01:00
Jan Grulich
2c870727a9
Add cliboard support to x0vncserver
...
Resolves: RHEL-74216
2025-01-16 14:01:54 +01:00
Jan Grulich
300dd6713e
Fix CVE-2024-9632: xorg-x11-server: heap-based buffer overflow privilege escalation vulnerability
...
Resolves: RHEL-62001
2024-10-31 12:53:15 +01:00
Jan Grulich
56b503e143
1.14.1
...
Resolves: RHEL-45316
2024-10-23 09:41:36 +02:00
Jan Grulich
5e94ff7a40
Make "ApproveLoggedUserOnly" to ignore "closing" sessions
...
Resolves: RHEL-34880
2024-10-07 12:57:00 +02:00
Jan Grulich
5ae84e72f3
Fix "ApproveLoggedUserOnly" option not working in some setups
...
Resolves: RHEL-34880
2024-10-04 09:07:31 +02:00
Jan Grulich
8ed86c60ec
Add option "ApproveLoggedUserOnly" allowing to connect only the user
...
owning the running session
Resolves: RHEL-34880
2024-09-27 15:56:00 +02:00
Jan Grulich
b3a7f8a95f
Move old log to log.old if present (fix patch)
...
Resolves: RHEL-54294
2024-09-04 08:28:59 +02:00
Jan Grulich
ed0ea16f50
1.14.0
...
Resolves: RHEL-45316
Move old log to log.old if present
Resolves: RHEL-54294
Fix shared memory leak
Resolves: RHEL-55768
2024-09-02 10:42:20 +02:00
Jan Grulich
c27de8c289
vncsession: use /bin/sh if the user shell is not set
...
Resolves: RHEL-50679
2024-08-05 13:20:45 +02:00
Jan Grulich
45289fbdbc
Revert "1.14.0"
...
This reverts commit 55f47bf052 .
Rescheduled for RHEL 9.6.
2024-07-23 15:22:34 +02:00
Jan Grulich
55f47bf052
1.14.0
...
Resolves: RHEL-45316
2024-07-23 13:56:04 +02:00
Jan Grulich
f76f6574de
vncconfig: add option to force view-only remote client connections
...
Resolves: RHEL-12144
2024-05-28 13:08:57 +02:00
Jan Grulich
d8901da547
Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
...
Resolves: RHEL-30756
Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs
Resolves: RHEL-30768
Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
Resolves: RHEL-30762
2024-04-16 10:56:46 +02:00
Jan Grulich
7654aeef3b
Fix use after free related to CVE-2024-21886
...
Resolves: RHEL-20389
Fix copy/paste error in the DeviceStateNotify
Resolves: RHEL-20533
2024-02-07 13:32:14 +01:00
Jan Grulich
75082cdb91
Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
...
Resolves: RHEL-20389
Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
Resolves: RHEL-20383
Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
Resolves: RHEL-20533
Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
Resolves: RHEL-21213
2024-01-22 10:28:43 +01:00
Jan Grulich
5a6c55a071
Use dup() to get available file descriptor when using -inetd option
...
- missing version bump
Resolves: RHEL-19858
2024-01-08 15:09:49 +01:00
Jan Grulich
8f917ea514
Use dup() to get available file descriptor when using -inetd option
...
Resolves: RHEL-19858
2024-01-08 14:48:28 +01:00
Jan Grulich
49fe969620
Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
...
Resolves: RHEL-18414
Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
Resolves: RHEL-18426
2024-01-02 14:17:24 +01:00
Jan Grulich
71f9cb9382
Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
...
Resolves: RHEL-15237
Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
Resolves: RHEL-15249
2023-11-01 15:14:21 +01:00
Jan Grulich
ebd2a0d7a1
Support username alias in PlainUsers
...
Resolves: RHEL-8430
2023-10-09 11:38:33 +02:00
Jan Grulich
b1e183de26
xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege Escalation Vulnerability
...
Resolves: bz#2180310
2023-04-11 14:09:50 +02:00
Jan Grulich
c030084269
1.13.1
...
Resolves: bz#2175732
2023-03-21 10:51:23 +01:00
Jan Grulich
2549fd9a24
SELinux: allow vncsession create .vnc directory
...
Resolves: bz#2164703
2023-02-21 10:33:26 +01:00
Jan Grulich
b038a24d33
Add sanity check when cleaning up keymap changes
...
Resolves: bz#2169965
2023-02-15 11:36:32 +01:00
Jan Grulich
bce000f2ab
xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation
...
- missing spec file changes
Resolves: bz#2167061
2023-02-06 13:16:49 +01:00
Jan Grulich
197138efeb
xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation
...
Resolves: bz#2167061
2023-02-06 12:53:31 +01:00
Tomas Popela
86fc18d8b2
Rebuild for xorg-x11-server CVE-2022-46340 follow up fix
...
Resolves: CVE-2022-4283 (bz#2154234)
Resolves: CVE-2022-46340 (bz#2154221)
Resolves: CVE-2022-46341 (bz#2154224)
Resolves: CVE-2022-46342 (bz#2154226)
Resolves: CVE-2022-46343 (bz#2154228)
Resolves: CVE-2022-46344 (bz#2154230)
2022-12-20 09:45:14 +01:00
Jan Grulich
06ff78db63
Rebuild for xorg-x11-server CVEs
...
Resolves: CVE-2022-4283 (bz#2154234)
Resolves: CVE-2022-46340 (bz#2154221)
Resolves: CVE-2022-46341 (bz#2154224)
Resolves: CVE-2022-46342 (bz#2154226)
Resolves: CVE-2022-46343 (bz#2154228)
Resolves: CVE-2022-46344 (bz#2154230)
2022-12-16 11:24:16 +01:00
Jan Grulich
85b050c5d8
x0vncserver: add new keysym in case we don't find matching keycode
...
+ actually apply the patch
Resolves: bz#2119017
2022-12-01 12:37:19 +01:00
Jan Grulich
ead8165b2a
x0vncserver: add new keysym in case we don't find matching keycode
...
Resolves: bz#2119017
2022-12-01 09:59:22 +01:00
Jan Grulich
d2b496f3dd
x0vncserver: fix ghost cursor in zaphod mode (better version)
...
Resolves: bz#2119016
2022-10-24 12:07:14 +02:00
Jan Grulich
7a28c85f4d
Add BR: libXdamage, libXfixes, libXrandr
...
Resolves: bz#2091833
2022-05-31 10:31:32 +02:00
Jan Grulich
77bb622463
Do not run systemd_preun on Xvnc service file
...
Resolves: bz#2048011
2022-04-05 09:13:56 +02:00
Jan Grulich
7c58eec745
Drop unexisting option from the old vncserver script
...
Resolves: bz#2021893
2022-04-04 12:53:28 +02:00
Jan Grulich
24a8d8f61c
Update to 1.12.0 + sync with Fedora
...
Resolves: bz#2048011
Resolves: bz#2021893
2022-03-23 12:15:39 +01:00
Jan Grulich
da2608ff21
Added vncsession-restore script for SELinux policy migration
...
Fix SELinux context for root user
Resolves: bz#2049506
2022-02-15 10:22:02 +01:00
Jan Grulich
a8e93b65dd
Fix yaml syntax in rpminspect.yaml
2021-12-16 14:45:01 +01:00
Jan Grulich
2c9c975b77
Add rpminspect.yaml to supress warnings about badfuncs and runpath checks
2021-12-16 12:21:54 +01:00
Jan Grulich
c791ae8793
Rebuild for absence in RHEL 9.0
...
Resolves: bz#1985858
2021-11-26 15:42:28 +01:00
Jan Grulich
cd4f8eba50
Sync upstream patches + drop unused patches
...
Resolves: bz#1985858
2021-08-16 08:26:59 +02:00