Compare commits
No commits in common. "c8" and "c9" have entirely different histories.
|
@ -12,7 +12,7 @@
|
||||||
#EndSection
|
#EndSection
|
||||||
|
|
||||||
#Section "Screen"
|
#Section "Screen"
|
||||||
# Identifier "Screen0"
|
# Identifier "Screen0
|
||||||
# DefaultDepth 16
|
# DefaultDepth 16
|
||||||
# Option "SecurityTypes" "VncAuth"
|
# Option "SecurityTypes" "VncAuth"
|
||||||
# Option "PasswordFile" "/root/.vnc/passwd"
|
# Option "PasswordFile" "/root/.vnc/passwd"
|
||||||
|
|
|
@ -1,51 +0,0 @@
|
||||||
diff --git a/po/CMakeLists.txt b/po/CMakeLists.txt
|
|
||||||
index 052cfb3..c84fb0e 100644
|
|
||||||
--- a/po/CMakeLists.txt
|
|
||||||
+++ b/po/CMakeLists.txt
|
|
||||||
@@ -14,7 +14,6 @@ if (GETTEXT_XGETTEXT_EXECUTABLE)
|
|
||||||
${PROJECT_SOURCE_DIR}/vncviewer/*.h
|
|
||||||
${PROJECT_SOURCE_DIR}/vncviewer/*.cxx
|
|
||||||
${PROJECT_SOURCE_DIR}/vncviewer/*.desktop.in.in
|
|
||||||
- ${PROJECT_SOURCE_DIR}/vncviewer/*.metainfo.xml.in
|
|
||||||
)
|
|
||||||
|
|
||||||
add_custom_target(translations_update
|
|
||||||
diff --git a/vncviewer/CMakeLists.txt b/vncviewer/CMakeLists.txt
|
|
||||||
index 15eac66..450b732 100644
|
|
||||||
--- a/vncviewer/CMakeLists.txt
|
|
||||||
+++ b/vncviewer/CMakeLists.txt
|
|
||||||
@@ -100,34 +100,6 @@ if(UNIX)
|
|
||||||
add_custom_target(desktop ALL DEPENDS vncviewer.desktop)
|
|
||||||
install(FILES ${CMAKE_CURRENT_BINARY_DIR}/vncviewer.desktop DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/applications)
|
|
||||||
|
|
||||||
- if("${GETTEXT_VERSION_STRING}" VERSION_GREATER 0.19.6)
|
|
||||||
- add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
|
|
||||||
- COMMAND ${GETTEXT_MSGFMT_EXECUTABLE}
|
|
||||||
- --xml --template ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
|
|
||||||
- -d ${CMAKE_SOURCE_DIR}/po -o org.tigervnc.vncviewer.metainfo.xml
|
|
||||||
- DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
|
|
||||||
- )
|
|
||||||
- elseif(INTLTOOL_MERGE_EXECUTABLE)
|
|
||||||
- add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
|
|
||||||
- COMMAND sed -e 's@<name>@<_name>@\;s@</name>@</_name>@'
|
|
||||||
- -e 's@<summary>@<_summary>@\;s@</summary>@</_summary>@'
|
|
||||||
- -e 's@<caption>@<_caption>@\;s@</caption>@</_caption>@'
|
|
||||||
- -e 's@<p>@<_p>@g\;s@</p>@</_p>@g'
|
|
||||||
- ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in > org.tigervnc.vncviewer.metainfo.xml.intl
|
|
||||||
- COMMAND ${INTLTOOL_MERGE_EXECUTABLE}
|
|
||||||
- -x ${CMAKE_SOURCE_DIR}/po
|
|
||||||
- org.tigervnc.vncviewer.metainfo.xml.intl org.tigervnc.vncviewer.metainfo.xml
|
|
||||||
- DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
|
|
||||||
- )
|
|
||||||
- else()
|
|
||||||
- add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
|
|
||||||
- COMMAND cp ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in org.tigervnc.vncviewer.metainfo.xml
|
|
||||||
- DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
|
|
||||||
- )
|
|
||||||
- endif()
|
|
||||||
- add_custom_target(appstream ALL DEPENDS org.tigervnc.vncviewer.metainfo.xml)
|
|
||||||
- install(FILES ${CMAKE_CURRENT_BINARY_DIR}/org.tigervnc.vncviewer.metainfo.xml DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/metainfo)
|
|
||||||
-
|
|
||||||
foreach(res 16 22 24 32 48 64 128)
|
|
||||||
install(FILES ../media/icons/tigervnc_${res}.png DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/icons/hicolor/${res}x${res}/apps RENAME tigervnc.png)
|
|
||||||
endforeach()
|
|
|
@ -0,0 +1,32 @@
|
||||||
|
From 133e0d651c5d12bf01999d6289e84e224ba77adc Mon Sep 17 00:00:00 2001
|
||||||
|
From: Peter Hutterer <peter.hutterer@who-t.net>
|
||||||
|
Date: Mon, 22 Jan 2024 14:22:12 +1000
|
||||||
|
Subject: [PATCH] dix: fix valuator copy/paste error in the DeviceStateNotify
|
||||||
|
event
|
||||||
|
|
||||||
|
Fixes 219c54b8a3337456ce5270ded6a67bcde53553d5
|
||||||
|
---
|
||||||
|
dix/enterleave.c | 6 +++---
|
||||||
|
1 file changed, 3 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/dix/enterleave.c b/dix/enterleave.c
|
||||||
|
index 7b7ba1098b..c1e6ac600e 100644
|
||||||
|
--- a/dix/enterleave.c
|
||||||
|
+++ b/dix/enterleave.c
|
||||||
|
@@ -619,11 +619,11 @@ FixDeviceValuator(DeviceIntPtr dev, deviceValuator * ev, ValuatorClassPtr v,
|
||||||
|
ev->first_valuator = first;
|
||||||
|
switch (ev->num_valuators) {
|
||||||
|
case 6:
|
||||||
|
- ev->valuator2 = v->axisVal[first + 5];
|
||||||
|
+ ev->valuator5 = v->axisVal[first + 5];
|
||||||
|
case 5:
|
||||||
|
- ev->valuator2 = v->axisVal[first + 4];
|
||||||
|
+ ev->valuator4 = v->axisVal[first + 4];
|
||||||
|
case 4:
|
||||||
|
- ev->valuator2 = v->axisVal[first + 3];
|
||||||
|
+ ev->valuator3 = v->axisVal[first + 3];
|
||||||
|
case 3:
|
||||||
|
ev->valuator2 = v->axisVal[first + 2];
|
||||||
|
case 2:
|
||||||
|
--
|
||||||
|
GitLab
|
|
@ -0,0 +1,45 @@
|
||||||
|
From 96798fc1967491c80a4d0c8d9e0a80586cb2152b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Alan Coopersmith <alan.coopersmith@oracle.com>
|
||||||
|
Date: Fri, 22 Mar 2024 18:51:45 -0700
|
||||||
|
Subject: [PATCH 1/4] Xi: ProcXIGetSelectedEvents needs to use unswapped length
|
||||||
|
to send reply
|
||||||
|
|
||||||
|
CVE-2024-31080
|
||||||
|
|
||||||
|
Reported-by: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=69762
|
||||||
|
Fixes: 53e821ab4 ("Xi: add request processing for XIGetSelectedEvents.")
|
||||||
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
||||||
|
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463>
|
||||||
|
---
|
||||||
|
Xi/xiselectev.c | 5 ++++-
|
||||||
|
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/Xi/xiselectev.c b/Xi/xiselectev.c
|
||||||
|
index edcb8a0d3..ac1494987 100644
|
||||||
|
--- a/Xi/xiselectev.c
|
||||||
|
+++ b/Xi/xiselectev.c
|
||||||
|
@@ -349,6 +349,7 @@ ProcXIGetSelectedEvents(ClientPtr client)
|
||||||
|
InputClientsPtr others = NULL;
|
||||||
|
xXIEventMask *evmask = NULL;
|
||||||
|
DeviceIntPtr dev;
|
||||||
|
+ uint32_t length;
|
||||||
|
|
||||||
|
REQUEST(xXIGetSelectedEventsReq);
|
||||||
|
REQUEST_SIZE_MATCH(xXIGetSelectedEventsReq);
|
||||||
|
@@ -418,10 +419,12 @@ ProcXIGetSelectedEvents(ClientPtr client)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /* save the value before SRepXIGetSelectedEvents swaps it */
|
||||||
|
+ length = reply.length;
|
||||||
|
WriteReplyToClient(client, sizeof(xXIGetSelectedEventsReply), &reply);
|
||||||
|
|
||||||
|
if (reply.num_masks)
|
||||||
|
- WriteToClient(client, reply.length * 4, buffer);
|
||||||
|
+ WriteToClient(client, length * 4, buffer);
|
||||||
|
|
||||||
|
free(buffer);
|
||||||
|
return Success;
|
||||||
|
--
|
||||||
|
2.44.0
|
||||||
|
|
|
@ -0,0 +1,43 @@
|
||||||
|
From 3e77295f888c67fc7645db5d0c00926a29ffecee Mon Sep 17 00:00:00 2001
|
||||||
|
From: Alan Coopersmith <alan.coopersmith@oracle.com>
|
||||||
|
Date: Fri, 22 Mar 2024 18:56:27 -0700
|
||||||
|
Subject: [PATCH 2/4] Xi: ProcXIPassiveGrabDevice needs to use unswapped length
|
||||||
|
to send reply
|
||||||
|
|
||||||
|
CVE-2024-31081
|
||||||
|
|
||||||
|
Fixes: d220d6907 ("Xi: add GrabButton and GrabKeysym code.")
|
||||||
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
||||||
|
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463>
|
||||||
|
---
|
||||||
|
Xi/xipassivegrab.c | 5 ++++-
|
||||||
|
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/Xi/xipassivegrab.c b/Xi/xipassivegrab.c
|
||||||
|
index c9ac2f855..896233bec 100644
|
||||||
|
--- a/Xi/xipassivegrab.c
|
||||||
|
+++ b/Xi/xipassivegrab.c
|
||||||
|
@@ -93,6 +93,7 @@ ProcXIPassiveGrabDevice(ClientPtr client)
|
||||||
|
GrabParameters param;
|
||||||
|
void *tmp;
|
||||||
|
int mask_len;
|
||||||
|
+ uint32_t length;
|
||||||
|
|
||||||
|
REQUEST(xXIPassiveGrabDeviceReq);
|
||||||
|
REQUEST_FIXED_SIZE(xXIPassiveGrabDeviceReq,
|
||||||
|
@@ -247,9 +248,11 @@ ProcXIPassiveGrabDevice(ClientPtr client)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+ /* save the value before SRepXIPassiveGrabDevice swaps it */
|
||||||
|
+ length = rep.length;
|
||||||
|
WriteReplyToClient(client, sizeof(rep), &rep);
|
||||||
|
if (rep.num_modifiers)
|
||||||
|
- WriteToClient(client, rep.length * 4, modifiers_failed);
|
||||||
|
+ WriteToClient(client, length * 4, modifiers_failed);
|
||||||
|
|
||||||
|
out:
|
||||||
|
free(modifiers_failed);
|
||||||
|
--
|
||||||
|
2.44.0
|
||||||
|
|
|
@ -0,0 +1,47 @@
|
||||||
|
From 6c684d035c06fd41c727f0ef0744517580864cef Mon Sep 17 00:00:00 2001
|
||||||
|
From: Alan Coopersmith <alan.coopersmith@oracle.com>
|
||||||
|
Date: Fri, 22 Mar 2024 19:07:34 -0700
|
||||||
|
Subject: [PATCH 3/4] Xquartz: ProcAppleDRICreatePixmap needs to use unswapped
|
||||||
|
length to send reply
|
||||||
|
|
||||||
|
CVE-2024-31082
|
||||||
|
|
||||||
|
Fixes: 14205ade0 ("XQuartz: appledri: Fix byte swapping in replies")
|
||||||
|
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
|
||||||
|
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463>
|
||||||
|
---
|
||||||
|
hw/xquartz/xpr/appledri.c | 4 +++-
|
||||||
|
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/hw/xquartz/xpr/appledri.c b/hw/xquartz/xpr/appledri.c
|
||||||
|
index 77574655b..40422b61a 100644
|
||||||
|
--- a/hw/xquartz/xpr/appledri.c
|
||||||
|
+++ b/hw/xquartz/xpr/appledri.c
|
||||||
|
@@ -272,6 +272,7 @@ ProcAppleDRICreatePixmap(ClientPtr client)
|
||||||
|
xAppleDRICreatePixmapReply rep;
|
||||||
|
int width, height, pitch, bpp;
|
||||||
|
void *ptr;
|
||||||
|
+ CARD32 stringLength;
|
||||||
|
|
||||||
|
REQUEST_SIZE_MATCH(xAppleDRICreatePixmapReq);
|
||||||
|
|
||||||
|
@@ -307,6 +308,7 @@ ProcAppleDRICreatePixmap(ClientPtr client)
|
||||||
|
if (sizeof(rep) != sz_xAppleDRICreatePixmapReply)
|
||||||
|
ErrorF("error sizeof(rep) is %zu\n", sizeof(rep));
|
||||||
|
|
||||||
|
+ stringLength = rep.stringLength; /* save unswapped value */
|
||||||
|
if (client->swapped) {
|
||||||
|
swaps(&rep.sequenceNumber);
|
||||||
|
swapl(&rep.length);
|
||||||
|
@@ -319,7 +321,7 @@ ProcAppleDRICreatePixmap(ClientPtr client)
|
||||||
|
}
|
||||||
|
|
||||||
|
WriteToClient(client, sizeof(rep), &rep);
|
||||||
|
- WriteToClient(client, rep.stringLength, path);
|
||||||
|
+ WriteToClient(client, stringLength, path);
|
||||||
|
|
||||||
|
return Success;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.44.0
|
||||||
|
|
|
@ -0,0 +1,112 @@
|
||||||
|
From bdca6c3d1f5057eeb31609b1280fc93237b00c77 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Peter Hutterer <peter.hutterer@who-t.net>
|
||||||
|
Date: Tue, 30 Jan 2024 13:13:35 +1000
|
||||||
|
Subject: [PATCH 4/4] render: fix refcounting of glyphs during
|
||||||
|
ProcRenderAddGlyphs
|
||||||
|
|
||||||
|
Previously, AllocateGlyph would return a new glyph with refcount=0 and a
|
||||||
|
re-used glyph would end up not changing the refcount at all. The
|
||||||
|
resulting glyph_new array would thus have multiple entries pointing to
|
||||||
|
the same non-refcounted glyphs.
|
||||||
|
|
||||||
|
AddGlyph may free a glyph, resulting in a UAF when the same glyph
|
||||||
|
pointer is then later used.
|
||||||
|
|
||||||
|
Fix this by returning a refcount of 1 for a new glyph and always
|
||||||
|
incrementing the refcount for a re-used glyph, followed by dropping that
|
||||||
|
refcount back down again when we're done with it.
|
||||||
|
|
||||||
|
CVE-2024-31083, ZDI-CAN-22880
|
||||||
|
|
||||||
|
This vulnerability was discovered by:
|
||||||
|
Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
|
||||||
|
|
||||||
|
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463>
|
||||||
|
---
|
||||||
|
render/glyph.c | 5 +++--
|
||||||
|
render/glyphstr_priv.h | 1 +
|
||||||
|
render/render.c | 15 +++++++++++----
|
||||||
|
3 files changed, 15 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/render/glyph.c b/render/glyph.c
|
||||||
|
index 850ea8440..13991f8a1 100644
|
||||||
|
--- a/render/glyph.c
|
||||||
|
+++ b/render/glyph.c
|
||||||
|
@@ -245,10 +245,11 @@ FreeGlyphPicture(GlyphPtr glyph)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
-static void
|
||||||
|
+void
|
||||||
|
FreeGlyph(GlyphPtr glyph, int format)
|
||||||
|
{
|
||||||
|
CheckDuplicates(&globalGlyphs[format], "FreeGlyph");
|
||||||
|
+ BUG_RETURN(glyph->refcnt == 0);
|
||||||
|
if (--glyph->refcnt == 0) {
|
||||||
|
GlyphRefPtr gr;
|
||||||
|
int i;
|
||||||
|
@@ -354,7 +355,7 @@ AllocateGlyph(xGlyphInfo * gi, int fdepth)
|
||||||
|
glyph = (GlyphPtr) malloc(size);
|
||||||
|
if (!glyph)
|
||||||
|
return 0;
|
||||||
|
- glyph->refcnt = 0;
|
||||||
|
+ glyph->refcnt = 1;
|
||||||
|
glyph->size = size + sizeof(xGlyphInfo);
|
||||||
|
glyph->info = *gi;
|
||||||
|
dixInitPrivates(glyph, (char *) glyph + head_size, PRIVATE_GLYPH);
|
||||||
|
diff --git a/render/glyphstr.h b/render/glyphstr.h
|
||||||
|
index 2f51bd244..3b1d806d1 100644
|
||||||
|
--- a/render/glyphstr.h
|
||||||
|
+++ b/render/glyphstr.h
|
||||||
|
@@ -108,6 +108,7 @@ extern Bool
|
||||||
|
extern GlyphPtr FindGlyph(GlyphSetPtr glyphSet, Glyph id);
|
||||||
|
|
||||||
|
extern GlyphPtr AllocateGlyph(xGlyphInfo * gi, int format);
|
||||||
|
+extern void FreeGlyph(GlyphPtr glyph, int format);
|
||||||
|
|
||||||
|
extern Bool
|
||||||
|
ResizeGlyphSet(GlyphSetPtr glyphSet, CARD32 change);
|
||||||
|
diff --git a/render/render.c b/render/render.c
|
||||||
|
index 29c5055c6..fe5e37dd9 100644
|
||||||
|
--- a/render/render.c
|
||||||
|
+++ b/render/render.c
|
||||||
|
@@ -1076,6 +1076,7 @@ ProcRenderAddGlyphs(ClientPtr client)
|
||||||
|
|
||||||
|
if (glyph_new->glyph && glyph_new->glyph != DeletedGlyph) {
|
||||||
|
glyph_new->found = TRUE;
|
||||||
|
+ ++glyph_new->glyph->refcnt;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
GlyphPtr glyph;
|
||||||
|
@@ -1168,8 +1169,10 @@ ProcRenderAddGlyphs(ClientPtr client)
|
||||||
|
err = BadAlloc;
|
||||||
|
goto bail;
|
||||||
|
}
|
||||||
|
- for (i = 0; i < nglyphs; i++)
|
||||||
|
+ for (i = 0; i < nglyphs; i++) {
|
||||||
|
AddGlyph(glyphSet, glyphs[i].glyph, glyphs[i].id);
|
||||||
|
+ FreeGlyph(glyphs[i].glyph, glyphSet->fdepth);
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if (glyphsBase != glyphsLocal)
|
||||||
|
free(glyphsBase);
|
||||||
|
@@ -1179,9 +1182,13 @@ ProcRenderAddGlyphs(ClientPtr client)
|
||||||
|
FreePicture((void *) pSrc, 0);
|
||||||
|
if (pSrcPix)
|
||||||
|
FreeScratchPixmapHeader(pSrcPix);
|
||||||
|
- for (i = 0; i < nglyphs; i++)
|
||||||
|
- if (glyphs[i].glyph && !glyphs[i].found)
|
||||||
|
- free(glyphs[i].glyph);
|
||||||
|
+ for (i = 0; i < nglyphs; i++) {
|
||||||
|
+ if (glyphs[i].glyph) {
|
||||||
|
+ --glyphs[i].glyph->refcnt;
|
||||||
|
+ if (!glyphs[i].found)
|
||||||
|
+ free(glyphs[i].glyph);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
if (glyphsBase != glyphsLocal)
|
||||||
|
free(glyphsBase);
|
||||||
|
return err;
|
||||||
|
--
|
||||||
|
2.44.0
|
||||||
|
|
|
@ -32,7 +32,7 @@
|
||||||
Description=XVNC Per-Connection Daemon
|
Description=XVNC Per-Connection Daemon
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
ExecStart=-/usr/bin/Xvnc -inetd -query localhost -geometry 1024x768 -depth 24 -once -SecurityTypes=None -Log *:syslog:30
|
ExecStart=-/usr/bin/Xvnc -inetd -query localhost -geometry 1024x768 -depth 24 -once -SecurityTypes=None
|
||||||
User=nobody
|
User=nobody
|
||||||
StandardInput=socket
|
StandardInput=socket
|
||||||
StandardError=syslog
|
StandardError=syslog
|
||||||
|
|
|
@ -5,12 +5,12 @@
|
||||||
|
|
||||||
Name: tigervnc
|
Name: tigervnc
|
||||||
Version: 1.13.1
|
Version: 1.13.1
|
||||||
Release: 10%{?dist}
|
Release: 8%{?dist}.3
|
||||||
Summary: A TigerVNC remote display system
|
Summary: A TigerVNC remote display system
|
||||||
|
|
||||||
%global _hardened_build 1
|
%global _hardened_build 1
|
||||||
|
|
||||||
License: GPLv2+
|
License: GPL-2.0-or-later
|
||||||
URL: http://www.tigervnc.com
|
URL: http://www.tigervnc.com
|
||||||
|
|
||||||
Source0: %{name}-%{version}.tar.gz
|
Source0: %{name}-%{version}.tar.gz
|
||||||
|
@ -24,7 +24,6 @@ Source5: vncserver
|
||||||
# Downstream patches
|
# Downstream patches
|
||||||
Patch1: tigervnc-use-gnome-as-default-session.patch
|
Patch1: tigervnc-use-gnome-as-default-session.patch
|
||||||
Patch2: tigervnc-vncsession-restore-script-systemd-service.patch
|
Patch2: tigervnc-vncsession-restore-script-systemd-service.patch
|
||||||
Patch3: tigervnc-dont-install-appstream-metadata-file.patch
|
|
||||||
|
|
||||||
# Upstream patches
|
# Upstream patches
|
||||||
Patch50: tigervnc-support-username-alias-in-plainusers.patch
|
Patch50: tigervnc-support-username-alias-in-plainusers.patch
|
||||||
|
@ -39,7 +38,14 @@ Patch100: tigervnc-xserver120.patch
|
||||||
Patch101: 0001-rpath-hack.patch
|
Patch101: 0001-rpath-hack.patch
|
||||||
|
|
||||||
# XServer patches
|
# XServer patches
|
||||||
Patch200: xorg-CVE-2024-31083-followup.patch
|
# CVE-2024-0229
|
||||||
|
# https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1251
|
||||||
|
Patch200: xorg-CVE-2024-0229-followup.patch
|
||||||
|
Patch201: xorg-CVE-2024-31080.patch
|
||||||
|
Patch202: xorg-CVE-2024-31081.patch
|
||||||
|
Patch203: xorg-CVE-2024-31082.patch
|
||||||
|
Patch204: xorg-CVE-2024-31083.patch
|
||||||
|
Patch205: xorg-CVE-2024-31083-followup.patch
|
||||||
|
|
||||||
BuildRequires: make
|
BuildRequires: make
|
||||||
BuildRequires: gcc-c++
|
BuildRequires: gcc-c++
|
||||||
|
@ -125,10 +131,12 @@ X session.
|
||||||
|
|
||||||
%package server-minimal
|
%package server-minimal
|
||||||
Summary: A minimal installation of TigerVNC server
|
Summary: A minimal installation of TigerVNC server
|
||||||
Requires(post): chkconfig
|
Requires(post): systemd
|
||||||
Requires(preun):chkconfig
|
Requires(preun): systemd
|
||||||
|
Requires(postun): systemd
|
||||||
|
Requires(post): systemd
|
||||||
|
|
||||||
Requires: mesa-dri-drivers, xkeyboard-config, xorg-x11-xkb-utils
|
Requires: mesa-dri-drivers, xkeyboard-config, xkbcomp
|
||||||
Requires: tigervnc-license, dbus-x11
|
Requires: tigervnc-license, dbus-x11
|
||||||
|
|
||||||
%description server-minimal
|
%description server-minimal
|
||||||
|
@ -187,12 +195,16 @@ for all in `find . -type f -perm -001`; do
|
||||||
done
|
done
|
||||||
%patch100 -p1 -b .xserver120-rebased
|
%patch100 -p1 -b .xserver120-rebased
|
||||||
%patch101 -p1 -b .rpath
|
%patch101 -p1 -b .rpath
|
||||||
%patch200 -p1 -b .xorg-CVE-2024-31083-followup
|
%patch200 -p1 -b .xorg-CVE-2024-0229-followup
|
||||||
|
%patch201 -p1 -b .xorg-CVE-2024-31080.patch
|
||||||
|
%patch202 -p1 -b .xorg-CVE-2024-31081.patch
|
||||||
|
%patch203 -p1 -b .xorg-CVE-2024-31082.patch
|
||||||
|
%patch204 -p1 -b .xorg-CVE-2024-31083.patch
|
||||||
|
%patch205 -p1 -b .xorg-CVE-2024-31083-followup.patch
|
||||||
popd
|
popd
|
||||||
|
|
||||||
%patch1 -p1 -b .use-gnome-as-default-session
|
%patch1 -p1 -b .use-gnome-as-default-session
|
||||||
%patch2 -p1 -b .vncsession-restore-script-systemd-service
|
%patch2 -p1 -b .vncsession-restore-script-systemd-service
|
||||||
%patch3 -p1 -b .dont-install-appstream-metadata-file.patch
|
|
||||||
|
|
||||||
# Upstream patches
|
# Upstream patches
|
||||||
%patch50 -p1 -b .support-username-alias-in-plainusers
|
%patch50 -p1 -b .support-username-alias-in-plainusers
|
||||||
|
@ -207,12 +219,22 @@ export CFLAGS="$RPM_OPT_FLAGS -fPIC"
|
||||||
%else
|
%else
|
||||||
export CFLAGS="$RPM_OPT_FLAGS -fpic"
|
export CFLAGS="$RPM_OPT_FLAGS -fpic"
|
||||||
%endif
|
%endif
|
||||||
export CXXFLAGS="$CFLAGS"
|
export CXXFLAGS="$CFLAGS -std=c++11"
|
||||||
|
|
||||||
%{cmake} .
|
%define __cmake_builddir %{_target_platform}
|
||||||
make %{?_smp_mflags}
|
|
||||||
|
mkdir -p %{%__cmake_builddir}
|
||||||
|
|
||||||
|
%cmake
|
||||||
|
|
||||||
|
%cmake_build
|
||||||
|
|
||||||
pushd unix/xserver
|
pushd unix/xserver
|
||||||
|
|
||||||
|
%if 0%{?fedora} > 32 || 0%{?rhel} >= 9
|
||||||
|
sed -i 's@TIGERVNC_BUILDDIR=${TIGERVNC_SRCDIR}@TIGERVNC_BUILDDIR=${TIGERVNC_SRCDIR}/%{_target_platform}@g' hw/vnc/Makefile.am
|
||||||
|
%endif
|
||||||
|
|
||||||
autoreconf -fiv
|
autoreconf -fiv
|
||||||
%configure \
|
%configure \
|
||||||
--disable-xorg --disable-xnest --disable-xvfb --disable-dmx \
|
--disable-xorg --disable-xnest --disable-xvfb --disable-dmx \
|
||||||
|
@ -235,7 +257,11 @@ make %{?_smp_mflags}
|
||||||
popd
|
popd
|
||||||
|
|
||||||
# Build icons
|
# Build icons
|
||||||
|
%if 0%{?fedora} > 32 || 0%{?rhel} >= 9
|
||||||
|
pushd %{_target_platform}/media
|
||||||
|
%else
|
||||||
pushd media
|
pushd media
|
||||||
|
%endif
|
||||||
make
|
make
|
||||||
popd
|
popd
|
||||||
|
|
||||||
|
@ -244,19 +270,19 @@ pushd unix/vncserver/selinux
|
||||||
make
|
make
|
||||||
popd
|
popd
|
||||||
|
|
||||||
|
|
||||||
%install
|
%install
|
||||||
%make_install
|
%cmake_install
|
||||||
|
rm -f %{buildroot}%{_docdir}/%{name}-%{version}/{README.rst,LICENCE.TXT}
|
||||||
|
|
||||||
pushd unix/xserver/hw/vnc
|
pushd unix/xserver/hw/vnc
|
||||||
make install DESTDIR=%{buildroot}
|
%make_install
|
||||||
popd
|
popd
|
||||||
|
|
||||||
|
# Install systemd unit file
|
||||||
pushd unix/vncserver/selinux
|
pushd unix/vncserver/selinux
|
||||||
make install DESTDIR=%{buildroot}
|
make install DESTDIR=%{buildroot}
|
||||||
popd
|
popd
|
||||||
|
|
||||||
|
|
||||||
# Install systemd unit file
|
# Install systemd unit file
|
||||||
install -m644 %{SOURCE1} %{buildroot}%{_unitdir}/xvnc@.service
|
install -m644 %{SOURCE1} %{buildroot}%{_unitdir}/xvnc@.service
|
||||||
install -m644 %{SOURCE2} %{buildroot}%{_unitdir}/xvnc.socket
|
install -m644 %{SOURCE2} %{buildroot}%{_unitdir}/xvnc.socket
|
||||||
|
@ -270,7 +296,21 @@ install -m644 tigervnc_$s.png %{buildroot}%{_datadir}/icons/hicolor/${s}x$s/apps
|
||||||
done
|
done
|
||||||
popd
|
popd
|
||||||
|
|
||||||
|
appstream-util validate-relax --nonet %{buildroot}%{_metainfodir}/org.tigervnc.vncviewer.metainfo.xml
|
||||||
|
desktop-file-validate %{buildroot}%{_datadir}/applications/vncviewer.desktop
|
||||||
|
|
||||||
|
%if 0%{?rhel} > 9
|
||||||
|
# Install a replacement for /usr/bin/vncserver which will tell the user to read the
|
||||||
|
# HOWTO.md file
|
||||||
|
cat <<EOF > %{buildroot}/%{_bindir}/vncserver
|
||||||
|
#!/bin/bash
|
||||||
|
echo "vncserver has been replaced by a systemd unit."
|
||||||
|
echo "Please read /usr/share/doc/tigervnc/HOWTO.md for more information."
|
||||||
|
EOF
|
||||||
|
chmod +x %{buildroot}/%{_bindir}/vncserver
|
||||||
|
%else
|
||||||
install -m 755 %{SOURCE5} %{buildroot}/%{_bindir}/vncserver
|
install -m 755 %{SOURCE5} %{buildroot}/%{_bindir}/vncserver
|
||||||
|
%endif
|
||||||
|
|
||||||
%find_lang %{name} %{name}.lang
|
%find_lang %{name} %{name}.lang
|
||||||
|
|
||||||
|
@ -281,15 +321,14 @@ mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/
|
||||||
install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
|
install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
|
||||||
|
|
||||||
%post server
|
%post server
|
||||||
%systemd_post xvnc.service
|
%systemd_post xvnc@.service
|
||||||
%systemd_post xvnc.socket
|
%systemd_post xvnc.socket
|
||||||
|
|
||||||
%preun server
|
%preun server
|
||||||
%systemd_preun xvnc.service
|
|
||||||
%systemd_preun xvnc.socket
|
%systemd_preun xvnc.socket
|
||||||
|
|
||||||
%postun server
|
%postun server
|
||||||
%systemd_postun xvnc.service
|
%systemd_postun xvnc@.service
|
||||||
%systemd_postun xvnc.socket
|
%systemd_postun xvnc.socket
|
||||||
|
|
||||||
%pre selinux
|
%pre selinux
|
||||||
|
@ -311,6 +350,7 @@ fi
|
||||||
%{_bindir}/vncviewer
|
%{_bindir}/vncviewer
|
||||||
%{_datadir}/applications/*
|
%{_datadir}/applications/*
|
||||||
%{_mandir}/man1/vncviewer.1*
|
%{_mandir}/man1/vncviewer.1*
|
||||||
|
%{_datadir}/metainfo/org.tigervnc.vncviewer.metainfo.xml
|
||||||
|
|
||||||
%files server
|
%files server
|
||||||
%config(noreplace) %{_sysconfdir}/pam.d/tigervnc
|
%config(noreplace) %{_sysconfdir}/pam.d/tigervnc
|
||||||
|
@ -320,8 +360,8 @@ fi
|
||||||
%{_unitdir}/vncserver@.service
|
%{_unitdir}/vncserver@.service
|
||||||
%{_unitdir}/xvnc@.service
|
%{_unitdir}/xvnc@.service
|
||||||
%{_unitdir}/xvnc.socket
|
%{_unitdir}/xvnc.socket
|
||||||
%{_bindir}/x0vncserver
|
|
||||||
%{_bindir}/vncserver
|
%{_bindir}/vncserver
|
||||||
|
%{_bindir}/x0vncserver
|
||||||
%{_sbindir}/vncsession
|
%{_sbindir}/vncsession
|
||||||
%{_libexecdir}/vncserver
|
%{_libexecdir}/vncserver
|
||||||
%{_libexecdir}/vncsession-start
|
%{_libexecdir}/vncsession-start
|
||||||
|
@ -341,7 +381,7 @@ fi
|
||||||
|
|
||||||
%files server-module
|
%files server-module
|
||||||
%{_libdir}/xorg/modules/extensions/libvnc.so
|
%{_libdir}/xorg/modules/extensions/libvnc.so
|
||||||
%config %{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
|
%config(noreplace) %{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
|
||||||
|
|
||||||
%files license
|
%files license
|
||||||
%{_docdir}/tigervnc/LICENCE.TXT
|
%{_docdir}/tigervnc/LICENCE.TXT
|
||||||
|
@ -354,243 +394,272 @@ fi
|
||||||
%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
|
%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Mon Apr 15 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-10
|
* Tue Apr 16 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-8.3
|
||||||
- Drop patches that are already part of xorg-x11-server
|
|
||||||
Resolves: RHEL-30755
|
|
||||||
Resolves: RHEL-30767
|
|
||||||
Resolves: RHEL-30761
|
|
||||||
|
|
||||||
* Thu Apr 04 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-9
|
|
||||||
- Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
|
- Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
|
||||||
Resolves: RHEL-30755
|
Resolves: RHEL-30756
|
||||||
- Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs
|
- Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs
|
||||||
Resolves: RHEL-30767
|
Resolves: RHEL-30768
|
||||||
- Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
|
- Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
|
||||||
Resolves: RHEL-30761
|
Resolves: RHEL-30762
|
||||||
|
|
||||||
* Wed Feb 07 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-8
|
* Wed Feb 07 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-8
|
||||||
- Fix copy/paste error in the DeviceStateNotify
|
- Fix copy/paste error in the DeviceStateNotify
|
||||||
Resolves: RHEL-20530
|
Resolves: RHEL-20533
|
||||||
|
|
||||||
* Mon Jan 22 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-7
|
* Mon Jan 22 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-7
|
||||||
- Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
|
- Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
|
||||||
Resolves: RHEL-20388
|
Resolves: RHEL-20389
|
||||||
- Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
|
- Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
|
||||||
Resolves: RHEL-20382
|
Resolves: RHEL-20383
|
||||||
- Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
|
- Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
|
||||||
Resolves: RHEL-20530
|
Resolves: RHEL-20533
|
||||||
- Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
|
- Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
|
||||||
Resolves: RHEL-21214
|
Resolves: RHEL-21213
|
||||||
|
|
||||||
* Mon Jan 08 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-6
|
* Mon Jan 08 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-6
|
||||||
- Use dup() to get available file descriptor when using -inetd option
|
- Use dup() to get available file descriptor when using -inetd option
|
||||||
Resolves: RHEL-21000
|
Resolves: RHEL-19858
|
||||||
|
|
||||||
* Mon Dec 18 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-5
|
* Mon Dec 18 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-5
|
||||||
- Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
|
- Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
|
||||||
Resolves: RHEL-18410
|
Resolves: RHEL-18414
|
||||||
- Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
|
- Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
|
||||||
Resolves: RHEL-18422
|
Resolves: RHEL-18426
|
||||||
|
|
||||||
* Wed Nov 01 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-4
|
* Wed Nov 01 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-4
|
||||||
- Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
|
- Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
|
||||||
Resolves: RHEL-15236
|
Resolves: RHEL-15237
|
||||||
|
|
||||||
- Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
|
- Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
|
||||||
Resolves: RHEL-15230
|
Resolves: RHEL-15249
|
||||||
|
|
||||||
* Mon Oct 09 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-3
|
* Mon Oct 09 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-3
|
||||||
- Support username alias in PlainUsers
|
- Support username alias in PlainUsers
|
||||||
Resolves: RHEL-4258
|
Resolves: RHEL-8430
|
||||||
|
|
||||||
* Tue Apr 11 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-2
|
* Tue Apr 11 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-2
|
||||||
- xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege
|
- xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege
|
||||||
Escalation Vulnerability
|
Escalation Vulnerability
|
||||||
Resolves: bz#2180306
|
Resolves: bz#2180310
|
||||||
|
|
||||||
* Tue Mar 21 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-1
|
* Tue Mar 21 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-1
|
||||||
- 1.13.1
|
- 1.13.1
|
||||||
Resolves: bz#2175748
|
Resolves: bz#2175732
|
||||||
- Restore "--fallbacktofreeport" option in the vncserver script
|
|
||||||
Resolves: bz#2174398
|
|
||||||
|
|
||||||
* Thu Dec 08 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-9
|
* Tue Feb 21 2023 Jan Grulich <jgrulich@redhat.com> - 1.12.0-12
|
||||||
- Bump build version to fix upgrade path
|
- SELinux: allow vncsession create .vnc directory
|
||||||
Resolves: bz#1437569
|
Resolves: bz#2164703
|
||||||
|
|
||||||
* Fri Nov 18 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-8
|
* Wed Feb 15 2023 Jan Grulich <jgrulich@redhat.com> - 1.12.0-11
|
||||||
|
- Add sanity check when cleaning up keymap changes
|
||||||
|
Resolves: bz#2169965
|
||||||
|
|
||||||
|
* Mon Feb 06 2023 Jan Grulich <jgrulich@redhat.com> - 1.12.0-10
|
||||||
|
- xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation
|
||||||
|
Resolves: bz#2167061
|
||||||
|
|
||||||
|
* Tue Dec 20 2022 Tomas Popela <tpopela@redhat.com> - 1.12.0-9
|
||||||
|
- Rebuild for xorg-x11-server CVE-2022-46340 follow up fix
|
||||||
|
|
||||||
|
* Fri Dec 16 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-8
|
||||||
|
- Rebuild for xorg-x11-server CVEs
|
||||||
|
Resolves: CVE-2022-4283 (bz#2154234)
|
||||||
|
Resolves: CVE-2022-46340 (bz#2154221)
|
||||||
|
Resolves: CVE-2022-46341 (bz#2154224)
|
||||||
|
Resolves: CVE-2022-46342 (bz#2154226)
|
||||||
|
Resolves: CVE-2022-46343 (bz#2154228)
|
||||||
|
Resolves: CVE-2022-46344 (bz#2154230)
|
||||||
|
|
||||||
|
* Thu Dec 01 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-7
|
||||||
- x0vncserver: add new keysym in case we don't find matching keycode
|
- x0vncserver: add new keysym in case we don't find matching keycode
|
||||||
Resolves: bz#1437569
|
+ actually apply the patch
|
||||||
|
Resolves: bz#2119017
|
||||||
|
|
||||||
* Wed Aug 24 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-7
|
* Thu Dec 01 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-6
|
||||||
|
- x0vncserver: add new keysym in case we don't find matching keycode
|
||||||
|
Resolves: bz#2119017
|
||||||
|
|
||||||
|
* Mon Oct 24 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-5
|
||||||
- x0vncserver: fix ghost cursor in zaphod mode (better version)
|
- x0vncserver: fix ghost cursor in zaphod mode (better version)
|
||||||
Resolves: bz#2109679
|
Resolves: bz#2119016
|
||||||
|
|
||||||
* Wed Aug 17 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-6
|
* Tue May 31 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-4
|
||||||
- x0vncserver: fix ghost cursor in zaphod mode
|
- Add BR: libXdamage, libXfixes, libXrandr
|
||||||
Resolves: bz#2109679
|
Resolves: bz#2091833
|
||||||
|
|
||||||
* Tue May 31 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-5
|
* Tue Apr 05 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-3
|
||||||
- BR: libXdamage, libXfixes, libXrandr
|
- Do not run systemd_preun on Xvnc service file
|
||||||
Resolves: bz#2088733
|
Resolves: bz#2048011
|
||||||
|
|
||||||
* Tue Feb 08 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-4
|
* Mon Apr 04 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-2
|
||||||
|
- Drop unexisting option from the old vncserver script
|
||||||
|
Resolves: bz#2021893
|
||||||
|
|
||||||
|
* Wed Mar 23 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-1
|
||||||
|
- 1.12.0 + sync with Fedora
|
||||||
|
Resolves: bz#2048011
|
||||||
|
Resolves: bz#2021893
|
||||||
|
|
||||||
|
* Mon Feb 07 2022 Jan Grulich <jgrulich@redhat.com> - 1.11.0-21
|
||||||
- Added vncsession-restore script for SELinux policy migration
|
- Added vncsession-restore script for SELinux policy migration
|
||||||
Fix SELinux context for root user
|
Fix SELinux context for root user
|
||||||
Resolves: bz#2021892
|
Resolves: bz#2049506
|
||||||
|
|
||||||
* Fri Jan 21 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-3
|
* Fri Nov 26 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-20
|
||||||
- Fix crash in vncviewer
|
- Rebuild for absence in RHEL 9.0
|
||||||
Resolves: bz#2021892
|
Resolves: bz#1985858
|
||||||
|
|
||||||
* Fri Jan 14 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-2
|
* Mon Aug 16 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-19
|
||||||
- Remove unavailable option from vncserver script
|
- Sync upstream patches + drop unused patches
|
||||||
Resolves: bz#2021892
|
Resolves: bz#1985858
|
||||||
|
|
||||||
* Fri Jan 14 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-1
|
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.11.0-18
|
||||||
- 1.12.0
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||||
Resolves: bz#2021892
|
Related: rhbz#1991688
|
||||||
|
|
||||||
* Mon Jul 19 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-9
|
* Mon Jul 19 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-17
|
||||||
- Fix logout from VNC session using vncserver
|
- Fix logout from VNC session using vncserver
|
||||||
Resolves: bz#1983706
|
Resolves: bz#1983704
|
||||||
|
|
||||||
* Tue Jun 01 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-8
|
* Tue Jun 01 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-16
|
||||||
- Run all SELinux RPM macros on correct package
|
- Bump version for rebuild (binutils)
|
||||||
Resolves: bz#1907963
|
Resolves: bz#1961488
|
||||||
|
|
||||||
* Mon May 17 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-7
|
* Mon May 17 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-14
|
||||||
- SELinux improvements
|
- SELinux improvements
|
||||||
Resolves: bz#1907963
|
Resolves: bz#1961488
|
||||||
|
|
||||||
* Tue Dec 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-6
|
- Fix endianness issue on s390x
|
||||||
- Use GNOME as default session
|
Resolves: bz#1963029
|
||||||
Resolves: bz#1853608
|
|
||||||
|
|
||||||
* Thu Dec 03 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-5
|
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.11.0-13
|
||||||
- Make sure we log properly output to journal (actually log to syslog)
|
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||||
Resolves: bz#1841537
|
|
||||||
|
|
||||||
* Thu Dec 03 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-4
|
* Mon Mar 08 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-12
|
||||||
- Make sure we log properly output to journal
|
- Include RHEL8 patches
|
||||||
Resolves: bz#1841537
|
|
||||||
|
|
||||||
* Wed Nov 18 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-3
|
* Fri Mar 05 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-11
|
||||||
- vncserver: ignore new "session" parameter from the new systemd support
|
- Enable old vncserver script for RHEL 9
|
||||||
Resolves: bz#1897504
|
|
||||||
|
|
||||||
* Wed Nov 18 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-2
|
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.11.0-10
|
||||||
- Revert removal of vncserver
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||||
Resolves: bz#1897504
|
|
||||||
- Correctly start vncsession as a daemon
|
|
||||||
Resolves: bz#1897498
|
|
||||||
|
|
||||||
* Tue Oct 20 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-1
|
* Thu Dec 10 07:45:46 CET 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-9
|
||||||
- Update to 1.11.0
|
- vncserver: ignore new session parameter from the new systemd support
|
||||||
Resolves: bz#1880985
|
|
||||||
- Backport fix to allow Tigervnc use boolean values in config files
|
|
||||||
Resolves: bz#1883415
|
|
||||||
|
|
||||||
* Wed Sep 30 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-8
|
* Fri Nov 13 14:08:29 CET 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-8
|
||||||
- Tolerate specifying -BoolParam 0 and similar
|
- Use /run instead of /var/run which is just a symlink
|
||||||
Resolves: bz#1883415
|
|
||||||
|
|
||||||
* Wed Jul 08 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-7
|
* Thu Nov 05 2020 Peter Hutterer <peter.hutterer@redhat.com> 1.11.0-7
|
||||||
- Enable server module on s390x
|
- Require xkbcomp directly, not xorg-x11-xkb-utils. The latter has had
|
||||||
Resolves: bz#1854925
|
Provides xkbcomp for years.
|
||||||
|
|
||||||
* Fri Jul 03 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-6
|
* Tue Sep 29 13:12:22 CEST 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-6
|
||||||
- Remove trailing spaces in user name
|
- Backport upstream fix allowing Tigervnc to specify boolean valus in configuration
|
||||||
Resolves: bz#1852432
|
- Revert removal of vncserver for F32 and F33
|
||||||
|
|
||||||
* Thu Jun 25 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-5
|
* Thu Sep 24 07:14:06 CEST 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-5
|
||||||
- Install the HOWTO file to correct location
|
- Actually install the HOWTO.md file
|
||||||
|
|
||||||
|
* Wed Sep 23 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-4
|
||||||
|
- Call systemd macros on correct service file
|
||||||
|
|
||||||
|
* Tue Sep 22 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-3
|
||||||
|
- Do not overwrite libvnc.conf config file
|
||||||
|
|
||||||
|
* Thu Sep 17 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-2
|
||||||
- Add /usr/bin/vncserver file informing users to read the HOWTO.md file
|
- Add /usr/bin/vncserver file informing users to read the HOWTO.md file
|
||||||
Resolves: bz#1790443
|
|
||||||
|
|
||||||
* Mon Jun 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-4
|
* Wed Sep 09 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-1
|
||||||
- Improve SELinux policy
|
- 1.11.0
|
||||||
Resolves: bz#1790443
|
|
||||||
|
|
||||||
* Mon Jun 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-3
|
* Mon Aug 24 2020 Jan Grulich <jgrulich@redhat.com. - 1.10.90-1
|
||||||
- Add a HOWTO.md file with instructions how to start VNC server
|
- Update to 1.10.90 (1.11.0 beta)
|
||||||
Resolves: bz#1790443
|
|
||||||
|
|
||||||
* Tue May 26 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-2
|
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-9
|
||||||
- Make the systemd service run also for root user
|
- Second attempt - Rebuilt for
|
||||||
Resolves: bz#1790443
|
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||||
|
|
||||||
* Mon Apr 27 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-1
|
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-8
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 1.10.1-7
|
||||||
|
- Use make macros
|
||||||
|
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
|
||||||
|
|
||||||
|
* Sat Jul 11 2020 Jiri Vanek <jvanek@redhat.com> - 1.10.1-6
|
||||||
|
- Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11
|
||||||
|
|
||||||
|
* Sun Apr 19 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-5
|
||||||
|
- Requires: dbus-x11
|
||||||
|
Resolves: bz#1825331
|
||||||
|
|
||||||
|
* Fri Mar 13 2020 Olivier Fourdan <ofourdan@redhat.com> - 1.10.1-4
|
||||||
|
- Fix build with xserver 1.20.7
|
||||||
|
|
||||||
|
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Jan 13 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-2
|
||||||
|
- Build with -std=c++11
|
||||||
|
|
||||||
|
* Fri Dec 20 2019 Jan Grulich <jgrulich@redhat.com> - 1.10.1-1
|
||||||
- Update to 1.10.1
|
- Update to 1.10.1
|
||||||
Resolves: bz#1806992
|
|
||||||
|
|
||||||
- Add proper systemd support
|
* Tue Dec 10 2019 Jan Grulich <jgrulich@redhat.com> - 1.10.0-2
|
||||||
Resolves: bz#1790443
|
- Properly install systemd files
|
||||||
|
|
||||||
* Tue Jan 28 2020 Jan Grulich <jgrulich@redhat.com> - 1.9.0-13
|
* Mon Nov 18 2019 Jan Grulich <jgrulich@redhat.com> - 1.10.0-1
|
||||||
- Bump build because of z-stream
|
- Update to 1.10.0
|
||||||
Resolves: bz#1671714
|
|
||||||
|
|
||||||
* Wed Dec 11 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-12
|
* Fri Oct 18 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.90-1
|
||||||
- Fix installation of systemd files
|
- Update to 1.9.90 (1.10 beta)
|
||||||
Resolves: bz#1671714
|
- Add systemd user service file
|
||||||
|
- Use a wrapper for systemd system service file to workaround systemd limitations
|
||||||
|
|
||||||
* Wed Nov 20 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-11
|
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.0-7
|
||||||
- Use wrapper script to workaround systemd issues
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||||
Resolves: bz#1671714
|
|
||||||
|
|
||||||
* Fri Jul 12 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-10
|
* Fri Jul 19 2019 Dan Horák <dan[at]danny.cz> - 1.9.0-6
|
||||||
- Do not return returncode indicating error when running "vncserver -list"
|
- drop the s390x special handling (related #1727029)
|
||||||
Resolves: bz#1727860
|
|
||||||
|
|
||||||
* Fri Feb 08 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-9
|
* Wed Jun 12 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-5
|
||||||
- Make tigervnc systemd service a user service
|
- Add missing arguments to systemd_postun scriptlets
|
||||||
Resolves: bz#1639846
|
Resolves: bz#1716411
|
||||||
|
|
||||||
* Mon Jan 21 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-8
|
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.0-4
|
||||||
- Kill the session automatically only when Gnome is installed
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||||
Resolves: bz#1665876
|
|
||||||
|
|
||||||
* Tue Nov 20 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-7
|
* Tue Sep 25 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-3
|
||||||
- Improve coverity scan fixes
|
|
||||||
Resolves: bz#1602714
|
|
||||||
|
|
||||||
Inform whether view-only password is used or not
|
|
||||||
Resolves: bz#1639169
|
|
||||||
|
|
||||||
Backport fixes from RHEL 7
|
|
||||||
Resolves: bz#1651254
|
|
||||||
|
|
||||||
* Tue Oct 09 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-6
|
|
||||||
- Do not crash passwd when using malloc perturb checks
|
- Do not crash passwd when using malloc perturb checks
|
||||||
Resolves: bz#1637086
|
Resolves: bz#1631483
|
||||||
|
|
||||||
* Mon Oct 08 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-5
|
|
||||||
- Improve coverity scan fixes
|
|
||||||
Resolves: bz#1602714
|
|
||||||
|
|
||||||
* Wed Oct 03 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-4
|
|
||||||
- Improve coverity scan fixes
|
|
||||||
Resolves: bz#1602714
|
|
||||||
|
|
||||||
* Wed Oct 03 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-3
|
|
||||||
- Fix some coverity scan issues
|
|
||||||
Resolves: bz#1602714
|
|
||||||
|
|
||||||
* Wed Aug 01 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-2
|
* Wed Aug 01 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-2
|
||||||
- Remove dependency on initscripts
|
- Ignore buttons in mouse leave events
|
||||||
|
Resolves: bz#1609516
|
||||||
|
|
||||||
* Tue Jul 17 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-1
|
* Tue Jul 17 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-1
|
||||||
- Update to 1.9.0 + sync with Fedora
|
- Update to 1.9.0
|
||||||
|
|
||||||
* Tue Jun 12 2018 Adam Jackson <ajax@redhat.com> - 1.8.0-10
|
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.90-3
|
||||||
- Fix GLX initialization with Xorg 1.20
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||||
|
|
||||||
* Tue May 29 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.0-9
|
* Wed Jul 4 2018 Peter Robinson <pbrobinson@fedoraproject.org> 1.8.90-2
|
||||||
- Build against Xorg 1.20
|
- Clean up spec: use macros consistenly, drop old sys-v migrations
|
||||||
|
- Drop ancient obsolete/provides
|
||||||
|
|
||||||
* Mon May 14 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.0-8
|
* Thu Jun 14 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.90-1
|
||||||
- Drop BR: ImageMagick
|
- Update to 1.8.90
|
||||||
|
|
||||||
|
* Wed Jun 13 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.0-10
|
||||||
|
- Fix tigervnc systemd unit file
|
||||||
|
Resolves: bz#1583159
|
||||||
|
|
||||||
|
* Wed Jun 06 2018 Adam Jackson <ajax@redhat.com> - 1.8.0-9
|
||||||
|
- Fix GLX initialization with 1.20
|
||||||
|
|
||||||
|
* Wed Apr 04 2018 Adam Jackson <ajax@redhat.com> - 1.8.0-8
|
||||||
|
- Rebuild for xserver 1.20
|
||||||
|
|
||||||
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.0-7
|
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.0-7
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||||
|
|
Loading…
Reference in New Issue