26 changed files with 842 additions and 1608 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,35 @@
-SOURCES/tigervnc-1.13.1.tar.gz
+tigervnc-1.0.90-20100721svn4113.tar.bz2
+/tigervnc-1.0.90-20100813svn4123.tar.bz2
+/tigervnc-1.0.90-20101208svn4225.tar.bz2
+/tigervnc-1.0.90-20110117svn4237.tar.bz2
+/tigervnc-1.0.90.tar.gz
+/tigervnc-1.1.0.tar.gz
+/tigervnc-1.2.80-20120905svn4996.tar.bz2
+/tigervnc-1.2.80-20121126svn5015.tar.bz2
+/tigervnc-1.2.80-20130219svn5047.tar.bz2
+/tigervnc-1.2.80-20130307svn5060.tar.bz2
+/tigervnc-1.2.80-20130314svn5065.tar.bz2
+/tigervnc-1.3.0.tar.bz2
+/tigervnc-1.3.1.tar.gz
+/tigervnc-1.4.2.tar.gz
+/tigervnc-1.4.3.tar.gz
+/tigervnc-49d0629dd87c0eb695d72dec7481e9169f55ae9e.tar.gz
+/tigervnc-1.5.0.tar.gz
+/tigervnc-1.5.90.tar.gz
+/tigervnc-1.6.0.tar.gz
+/sources
+/tigervnc-1.6.90.tar.gz
+/tigervnc-1.7.0.tar.gz
+/tigervnc-1.7.1.tar.gz
+/tigervnc-1.7.90.tar.gz
+/tigervnc-1.8.0.tar.gz
+/tigervnc-1.8.90.tar.gz
+/tigervnc-1.9.0.tar.gz
+/tigervnc-1.9.90.tar.gz
+/tigervnc-1.10.0.tar.gz
+/tigervnc-1.10.1.tar.gz
+/tigervnc-1.10.90.tar.gz
+/tigervnc-1.11.0.tar.gz
+/tigervnc-1.12.0.tar.gz
+/tigervnc-1.13.1.tar.gz
+/tigervnc-1.14.0.tar.gz
--- a/.tigervnc.metadata
+++ b/.tigervnc.metadata
@ -1 +0,0 @@
-6f7a23f14833f552c88523da1a5e102f3b8d35c2 SOURCES/tigervnc-1.13.1.tar.gz
--- a/SOURCES/0001-rpath-hack.patch
+++ b/SOURCES/0001-rpath-hack.patch
--- a/SOURCES/10-libvnc.conf
+++ b/SOURCES/10-libvnc.conf
@ -12,7 +12,7 @@
 #EndSection

 #Section "Screen"
-#    Identifier "Screen0"
+#    Identifier "Screen0
 #    DefaultDepth 16
 #    Option "SecurityTypes" "VncAuth"
 #    Option "PasswordFile" "/root/.vnc/passwd"
--- a/SOURCES/tigervnc-add-option-to-force-view-only-remote-connections.patch
+++ b/SOURCES/tigervnc-add-option-to-force-view-only-remote-connections.patch
--- a/SOURCES/tigervnc-dont-install-appstream-metadata-file.patch
+++ b/SOURCES/tigervnc-dont-install-appstream-metadata-file.patch
@ -1,51 +0,0 @@
-diff --git a/po/CMakeLists.txt b/po/CMakeLists.txt
-index 052cfb3..c84fb0e 100644
--- a/po/CMakeLists.txt
-+++ b/po/CMakeLists.txt
-@@ -14,7 +14,6 @@ if (GETTEXT_XGETTEXT_EXECUTABLE)
-     ${PROJECT_SOURCE_DIR}/vncviewer/*.h
-     ${PROJECT_SOURCE_DIR}/vncviewer/*.cxx
-     ${PROJECT_SOURCE_DIR}/vncviewer/*.desktop.in.in
-    ${PROJECT_SOURCE_DIR}/vncviewer/*.metainfo.xml.in
-   )
- 
-   add_custom_target(translations_update
-diff --git a/vncviewer/CMakeLists.txt b/vncviewer/CMakeLists.txt
-index 15eac66..450b732 100644
--- a/vncviewer/CMakeLists.txt
-+++ b/vncviewer/CMakeLists.txt
-@@ -100,34 +100,6 @@ if(UNIX)
-   add_custom_target(desktop ALL DEPENDS vncviewer.desktop)
-   install(FILES ${CMAKE_CURRENT_BINARY_DIR}/vncviewer.desktop DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/applications)
- 
-  if("${GETTEXT_VERSION_STRING}" VERSION_GREATER 0.19.6)
-    add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
-      COMMAND ${GETTEXT_MSGFMT_EXECUTABLE}
-                --xml --template ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
-                -d ${CMAKE_SOURCE_DIR}/po -o org.tigervnc.vncviewer.metainfo.xml
-      DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
-    )
-  elseif(INTLTOOL_MERGE_EXECUTABLE)
-    add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
-      COMMAND sed -e 's@<name>@<_name>@\;s@</name>@</_name>@'
-                  -e 's@<summary>@<_summary>@\;s@</summary>@</_summary>@'
-                  -e 's@<caption>@<_caption>@\;s@</caption>@</_caption>@'
-                  -e 's@<p>@<_p>@g\;s@</p>@</_p>@g'
-                ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in > org.tigervnc.vncviewer.metainfo.xml.intl
-      COMMAND ${INTLTOOL_MERGE_EXECUTABLE}
-                -x ${CMAKE_SOURCE_DIR}/po
-                org.tigervnc.vncviewer.metainfo.xml.intl org.tigervnc.vncviewer.metainfo.xml
-      DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
-    )
-  else()
-    add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
-      COMMAND cp ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in org.tigervnc.vncviewer.metainfo.xml
-      DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
-    )
-  endif()
-  add_custom_target(appstream ALL DEPENDS org.tigervnc.vncviewer.metainfo.xml)
-  install(FILES ${CMAKE_CURRENT_BINARY_DIR}/org.tigervnc.vncviewer.metainfo.xml DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/metainfo)
-
-   foreach(res 16 22 24 32 48 64 128)
-     install(FILES ../media/icons/tigervnc_${res}.png DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/icons/hicolor/${res}x${res}/apps RENAME tigervnc.png)
-   endforeach()
--- a/SOURCES/tigervnc-support-username-alias-in-plainusers.patch
+++ b/SOURCES/tigervnc-support-username-alias-in-plainusers.patch
@ -1,135 +0,0 @@
-diff --git a/common/rfb/SSecurityPlain.cxx b/common/rfb/SSecurityPlain.cxx
-index 6f65e87..3142ba3 100644
--- a/common/rfb/SSecurityPlain.cxx
-+++ b/common/rfb/SSecurityPlain.cxx
-@@ -27,6 +27,8 @@
- #include <rdr/InStream.h>
- #if !defined(WIN32) && !defined(__APPLE__)
- #include <rfb/UnixPasswordValidator.h>
-+#include <unistd.h>
-+#include <pwd.h>
- #endif
- #ifdef WIN32
- #include <rfb/WinPasswdValidator.h>
-@@ -45,21 +47,22 @@ StringParameter PasswordValidator::plainUsers
-
- bool PasswordValidator::validUser(const char* username)
- {
-  CharArray users(plainUsers.getValueStr()), user;
-+  std::vector<std::string> users;
-
-  while (users.buf) {
-    strSplit(users.buf, ',', &user.buf, &users.buf);
-#ifdef WIN32
-    if (0 == stricmp(user.buf, "*"))
-	  return true;
-    if (0 == stricmp(user.buf, username))
-	  return true;
-#else
-    if (!strcmp(user.buf, "*"))
-	  return true;
-    if (!strcmp(user.buf, username))
-	  return true;
-+  users = split(plainUsers, ',');
-+
-+  for (size_t i = 0; i < users.size(); i++) {
-+    if (users[i] == "*")
-+      return true;
-+#if !defined(WIN32) && !defined(__APPLE__)
-+    if (users[i] == "%u") {
-+      struct passwd *pw = getpwnam(username);
-+      if (pw && pw->pw_uid == getuid())
-+        return true;
-+    }
- #endif
-+    if (users[i] == username)
-+      return true;
-   }
-   return false;
- }
-diff --git a/common/rfb/util.cxx b/common/rfb/util.cxx
-index 649eb0b..cce73a0 100644
--- a/common/rfb/util.cxx
-+++ b/common/rfb/util.cxx
-@@ -99,6 +99,26 @@ namespace rfb {
-     return false;
-   }
-
-+  std::vector<std::string> split(const char* src,
-+                                 const char delimiter)
-+  {
-+    std::vector<std::string> out;
-+    const char *start, *stop;
-+
-+    start = src;
-+    do {
-+      stop = strchr(start, delimiter);
-+      if (stop == NULL) {
-+        out.push_back(start);
-+      } else {
-+        out.push_back(std::string(start, stop-start));
-+        start = stop + 1;
-+      }
-+    } while (stop != NULL);
-+
-+    return out;
-+  }
-+
-   bool strContains(const char* src, char c) {
-     int l=strlen(src);
-     for (int i=0; i<l; i++)
-diff --git a/common/rfb/util.h b/common/rfb/util.h
-index f0ac9ef..ed15c28 100644
--- a/common/rfb/util.h
-+++ b/common/rfb/util.h
-@@ -27,6 +27,9 @@
- #include <limits.h>
- #include <string.h>
-
-+#include <string>
-+#include <vector>
-+
- struct timeval;
-
- #ifdef __GNUC__
-@@ -76,6 +79,10 @@ namespace rfb {
-   // that part of the string.  Obviously, setting both to 0 is not useful...
-   bool strSplit(const char* src, const char limiter, char** out1, char** out2, bool fromEnd=false);
-
-+  // Splits a string with the specified delimiter
-+  std::vector<std::string> split(const char* src,
-+                                 const char delimiter);
-+
-   // Returns true if src contains c
-   bool strContains(const char* src, char c);
-
-diff --git a/unix/x0vncserver/x0vncserver.man b/unix/x0vncserver/x0vncserver.man
-index c36ae34..78db730 100644
--- a/unix/x0vncserver/x0vncserver.man
-+++ b/unix/x0vncserver/x0vncserver.man
-@@ -125,8 +125,8 @@ parameter instead.
- .B \-PlainUsers \fIuser-list\fP
- A comma separated list of user names that are allowed to authenticate via
- any of the "Plain" security types (Plain, TLSPlain, etc.). Specify \fB*\fP
-to allow any user to authenticate using this security type. Default is to
-deny all users.
-+to allow any user to authenticate using this security type. Specify \fB%u\fP
-+to allow the user of the server process. Default is to deny all users.
- .
- .TP
- .B \-pam_service \fIname\fP, \-PAMService \fIname\fP
-diff --git a/unix/xserver/hw/vnc/Xvnc.man b/unix/xserver/hw/vnc/Xvnc.man
-index ea87dea..e9fb654 100644
--- a/unix/xserver/hw/vnc/Xvnc.man
-+++ b/unix/xserver/hw/vnc/Xvnc.man
-@@ -200,8 +200,8 @@ parameter instead.
- .B \-PlainUsers \fIuser-list\fP
- A comma separated list of user names that are allowed to authenticate via
- any of the "Plain" security types (Plain, TLSPlain, etc.). Specify \fB*\fP
-to allow any user to authenticate using this security type. Default is to
-deny all users.
-+to allow any user to authenticate using this security type. Specify \fB%u\fP
-+to allow the user of the server process. Default is to deny all users.
- .
- .TP
- .B \-pam_service \fIname\fP, \-PAMService \fIname\fP
--- a/SOURCES/tigervnc-use-dup-to-get-available-fd-for-inetd.patch
+++ b/SOURCES/tigervnc-use-dup-to-get-available-fd-for-inetd.patch
@ -1,17 +0,0 @@
-diff --git a/unix/xserver/hw/vnc/xvnc.c b/unix/xserver/hw/vnc/xvnc.c
-index f8141959..c5c36539 100644
--- a/unix/xserver/hw/vnc/xvnc.c
-+++ b/unix/xserver/hw/vnc/xvnc.c
-@@ -366,8 +366,10 @@ ddxProcessArgument(int argc, char *argv[], int i)
-     if (strcmp(argv[i], "-inetd") == 0) {
-         int nullfd;
- 
-        dup2(0, 3);
-        vncInetdSock = 3;
-+        if ((vncInetdSock = dup(0)) == -1)
-+            FatalError
-+                ("Xvnc error: failed to allocate a new file descriptor for -inetd: %s\n", strerror(errno));
-+
- 
-         /* Avoid xserver >= 1.19's epoll-fd becoming fd 2 / stderr only to be
-            replaced by /dev/null by OsInit() because the pollfd is not
--- a/SOURCES/tigervnc-xserver120.patch
+++ b/SOURCES/tigervnc-xserver120.patch
@ -1,91 +0,0 @@
-diff -up xserver/configure.ac.xserver116-rebased xserver/configure.ac
--- xserver/configure.ac.xserver116-rebased	2016-09-29 13:14:45.595441590 +0200
-+++ xserver/configure.ac	2016-09-29 13:14:45.631442006 +0200
-@@ -74,6 +74,7 @@ dnl forcing an entire recompile.x
- AC_CONFIG_HEADERS(include/version-config.h)
-
- AM_PROG_AS
-+AC_PROG_CXX
- AC_PROG_LN_S
- LT_PREREQ([2.2])
- LT_INIT([disable-static win32-dll])
-@@ -1863,6 +1864,10 @@ if test "x$XVFB" = xyes; then
- 	AC_SUBST([XVFB_SYS_LIBS])
- fi
-
-+dnl Xvnc DDX
-+AC_SUBST([XVNC_CPPFLAGS], ["-DHAVE_DIX_CONFIG_H $XSERVER_CFLAGS"])
-+AC_SUBST([XVNC_LIBS], ["$FB_LIB $FIXES_LIB $XEXT_LIB $CONFIG_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $DRI3_LIB $PRESENT_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $MAIN_LIB"])
-+AC_SUBST([XVNC_SYS_LIBS], ["$GLX_SYS_LIBS"])
-
- dnl Xnest DDX
-
-@@ -1898,6 +1903,8 @@ if test "x$XORG" = xauto; then
- fi
- AC_MSG_RESULT([$XORG])
-
-+AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version])
-+
- if test "x$XORG" = xyes; then
- 	XORG_DDXINCS='-I$(top_srcdir)/hw/xfree86 -I$(top_srcdir)/hw/xfree86/include -I$(top_srcdir)/hw/xfree86/common'
- 	XORG_OSINCS='-I$(top_srcdir)/hw/xfree86/os-support -I$(top_srcdir)/hw/xfree86/os-support/bus -I$(top_srcdir)/os'
-@@ -2116,7 +2123,6 @@ if test "x$XORG" = xyes; then
- 	AC_DEFINE(XORG_SERVER, 1, [Building Xorg server])
- 	AC_DEFINE(XORGSERVER, 1, [Building Xorg server])
- 	AC_DEFINE(XFree86Server, 1, [Building XFree86 server])
-	AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version])
- 	AC_DEFINE(NEED_XF86_TYPES, 1, [Need XFree86 typedefs])
- 	AC_DEFINE(NEED_XF86_PROTOTYPES, 1, [Need XFree86 helper functions])
- 	AC_DEFINE(__XSERVERNAME__, "Xorg", [Name of X server])
-@@ -2691,6 +2697,7 @@ hw/dmx/Makefile
- hw/dmx/man/Makefile
- hw/vfb/Makefile
- hw/vfb/man/Makefile
-+hw/vnc/Makefile
- hw/xnest/Makefile
- hw/xnest/man/Makefile
- hw/xwin/Makefile
-diff -up xserver/hw/Makefile.am.xserver116-rebased xserver/hw/Makefile.am
--- xserver/hw/Makefile.am.xserver116-rebased	2016-09-29 13:14:45.601441659 +0200
-+++ xserver/hw/Makefile.am	2016-09-29 13:14:45.631442006 +0200
-@@ -38,7 +38,8 @@ SUBDIRS =			\
- 	$(DMX_SUBDIRS)		\
- 	$(KDRIVE_SUBDIRS)	\
- 	$(XQUARTZ_SUBDIRS)	\
-	$(XWAYLAND_SUBDIRS)
-+	$(XWAYLAND_SUBDIRS)	\
-+	vnc
-
- DIST_SUBDIRS = dmx xfree86 vfb xnest xwin xquartz kdrive xwayland
-
-diff --git xserver/mi/miinitext.c xserver/mi/miinitext.c
-index 5596e21..003fc3c 100644
--- xserver/mi/miinitext.c
-+++ xserver/mi/miinitext.c
-@@ -107,8 +107,15 @@ SOFTWARE.
- #include "os.h"
- #include "globals.h"
-
-+#ifdef TIGERVNC
-+extern void vncExtensionInit(INITARGS);
-+#endif
-+
- /* List of built-in (statically linked) extensions */
- static const ExtensionModule staticExtensions[] = {
-+#ifdef TIGERVNC
-+    {vncExtensionInit, "VNC-EXTENSION", NULL},
-+#endif
-     {GEExtensionInit, "Generic Event Extension", &noGEExtension},
-     {ShapeExtensionInit, "SHAPE", NULL},
- #ifdef MITSHM
--- xserver/include/os.h~	2016-10-03 09:07:29.000000000 +0200
-+++ xserver/include/os.h	2016-10-03 14:13:00.013654506 +0200
-@@ -621,7 +621,7 @@
- extern _X_EXPORT void
- LogClose(enum ExitCode error);
- extern _X_EXPORT Bool
-LogSetParameter(LogParameter param, int value);
-+LogSetParameter(enum _LogParameter param, int value);
- extern _X_EXPORT void
- LogVWrite(int verb, const char *f, va_list args)
- _X_ATTRIBUTE_PRINTF(2, 0);
--- a/gating.yaml
+++ b/gating.yaml
@ -0,0 +1,6 @@
+--- !Policy
+product_versions:
+  - rhel-9
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: desktop-qe.desktop-ci.tier1-gating.functional}
--- a/rpminspect.yaml
+++ b/rpminspect.yaml
@ -0,0 +1,14 @@
+---
+badfuncs:
+  ignore:
+    - /usr/lib*/xorg/modules/extensions/libvnc.so
+    - /usr/bin/vncviewer
+    - /usr/bin/Xvnc
+    - /usr/bin/x0vncserver
+runpath:
+  # This is intentional, we know where we need Mesa's libGL, which will always
+  # be in ${libdir} and not any third-party libGL that may be configured using
+  # ld.so.conf.
+  allowed_paths:
+    - /usr/lib64
+    - /usr/lib
--- a/1
+++ b/1
@ -0,0 +1 @@
+SHA512 (tigervnc-1.14.0.tar.gz) = ee36f0aa40957274fb00fd755624a8bea80432d797d6c183645ed1251058ab30594d2261693b5655c5ca85a22e53f93029eeccc51fe86780398d1a017fa2311c
--- a/tigervnc-add-missing-coma-in-default-security-type-list.patch
+++ b/tigervnc-add-missing-coma-in-default-security-type-list.patch
@ -0,0 +1,24 @@
+From 4f6a3521874da5a67fd746389cfa9b6199eb3582 Mon Sep 17 00:00:00 2001
+From: Pierre Ossman <ossman@cendio.se>
+Date: Mon, 29 Jul 2024 16:16:08 +0200
+Subject: [PATCH] Add missing comma in default security type list
+
+Otherwise it merges with the next entry, removing both of them from the
+default list.
+---
+ common/rfb/SecurityClient.cxx | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/common/rfb/SecurityClient.cxx b/common/rfb/SecurityClient.cxx
+index 12860662f..63e0cadc0 100644
+--- a/common/rfb/SecurityClient.cxx
+++ b/common/rfb/SecurityClient.cxx
+@@ -60,7 +60,7 @@ StringParameter SecurityClient::secTypes
+  "X509Plain,TLSPlain,X509Vnc,TLSVnc,X509None,TLSNone,"
+ #endif
+ #ifdef HAVE_NETTLE
+- "RA2,RA2_256,RA2ne,RA2ne_256,DH,MSLogonII"
+ "RA2,RA2_256,RA2ne,RA2ne_256,DH,MSLogonII,"
+ #endif
+  "VncAuth,None",
+ ConfViewer);
--- a/tigervnc-correctly-handle-zrle-cursors.patch
+++ b/tigervnc-correctly-handle-zrle-cursors.patch
@ -0,0 +1,29 @@
+From 6d9017eeb364491cf2acdf1c7e61aee8dd198527 Mon Sep 17 00:00:00 2001
+From: Pierre Ossman <ossman@cendio.se>
+Date: Fri, 30 Aug 2024 16:15:09 +0200
+Subject: [PATCH] Correctly handle ZRLE cursors
+
+Cursor data has a depth of 32 bits and hence cannot use CPIXELs.
+
+This is a regression from baca73d.
+---
+ common/rfb/ZRLEDecoder.cxx | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/common/rfb/ZRLEDecoder.cxx b/common/rfb/ZRLEDecoder.cxx
+index 474fd6ca1..e274a697a 100644
+--- a/common/rfb/ZRLEDecoder.cxx
+++ b/common/rfb/ZRLEDecoder.cxx
+@@ -125,10 +125,10 @@ void ZRLEDecoder::zrleDecode(const Rect& r, rdr::InStream* is,
+   Pixel maxPixel = pf.pixelFromRGB((uint16_t)-1, (uint16_t)-1, (uint16_t)-1);
+   bool fitsInLS3Bytes = maxPixel < (1<<24);
+   bool fitsInMS3Bytes = (maxPixel & 0xff) == 0;
+-  bool isLowCPixel = (sizeof(T) == 4) &&
+  bool isLowCPixel = (sizeof(T) == 4) && (pf.depth <= 24) &&
+                      ((fitsInLS3Bytes && pf.isLittleEndian()) ||
+                       (fitsInMS3Bytes && pf.isBigEndian()));
+-  bool isHighCPixel = (sizeof(T) == 4) &&
+  bool isHighCPixel = (sizeof(T) == 4) && (pf.depth <= 24) &&
+                       ((fitsInLS3Bytes && pf.isBigEndian()) ||
+                        (fitsInMS3Bytes && pf.isLittleEndian()));
+ 
--- a/SOURCES/tigervnc-dont-get-pointer-position-for-floating-device.patch
+++ b/SOURCES/tigervnc-dont-get-pointer-position-for-floating-device.patch
--- a/tigervnc-handle-existing-config-directory-in-vncpasswd.patch
+++ b/tigervnc-handle-existing-config-directory-in-vncpasswd.patch
@ -0,0 +1,27 @@
+From 445e0230cf4e939dcc59caf5d5f001c2f7b04da6 Mon Sep 17 00:00:00 2001
+From: Pierre Ossman <ossman@cendio.se>
+Date: Thu, 15 Aug 2024 14:24:42 +0200
+Subject: [PATCH] Handle existing config directory in vncpasswd
+
+This fixes commit a79c33d.
+---
+ unix/vncpasswd/vncpasswd.cxx | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/unix/vncpasswd/vncpasswd.cxx b/unix/vncpasswd/vncpasswd.cxx
+index 6666955f1..9f794e129 100644
+--- a/unix/vncpasswd/vncpasswd.cxx
+++ b/unix/vncpasswd/vncpasswd.cxx
+@@ -213,8 +213,10 @@ int main(int argc, char** argv)
+       exit(1);
+     }
+     if (os::mkdir_p(configDir, 0777) == -1) {
+-      fprintf(stderr, "Could not create VNC config directory: %s\n", strerror(errno));
+-      exit(1);
+      if (errno != EEXIST) {
+        fprintf(stderr, "Could not create VNC config directory: %s\n", strerror(errno));
+        exit(1);
+      }
+     }
+     snprintf(fname, sizeof(fname), "%s/passwd", configDir);
+   }
--- a/SOURCES/tigervnc-use-gnome-as-default-session.patch
+++ b/SOURCES/tigervnc-use-gnome-as-default-session.patch
--- a/tigervnc-vncsession-move-existing-log-to-log-old-if-present.patch
+++ b/tigervnc-vncsession-move-existing-log-to-log-old-if-present.patch
@ -0,0 +1,94 @@
+From e26bc65b92d1e43570619deadf20b965e0952fef Mon Sep 17 00:00:00 2001
+From: Pat Riehecky <riehecky@fnal.gov>
+Date: Wed, 31 Jul 2024 14:43:46 -0500
+Subject: [PATCH] vncsession: Move existing log to log.old if present
+
+---
+ unix/vncserver/vncsession.c | 47 ++++++++++++++++++++++++++++---------
+ 1 file changed, 36 insertions(+), 11 deletions(-)
+
+diff --git a/unix/vncserver/vncsession.c b/unix/vncserver/vncsession.c
+index 98a0432aa..a10e0789e 100644
+--- a/unix/vncserver/vncsession.c
+++ b/unix/vncserver/vncsession.c
+@@ -393,8 +393,9 @@ redir_stdio(const char *homedir, const char *display, char **envp)
+     int fd;
+     long hostlen;
+     char* hostname = NULL, *xdgstate;
+-    char logfile[PATH_MAX], legacy[PATH_MAX];
+    char logdir[PATH_MAX], logfile[PATH_MAX], logfile_old[PATH_MAX], legacy[PATH_MAX];
+     struct stat st;
+    size_t fmt_len;
+ 
+     fd = open("/dev/null", O_RDONLY);
+     if (fd == -1) {
+@@ -408,15 +409,24 @@ redir_stdio(const char *homedir, const char *display, char **envp)
+     close(fd);
+ 
+     xdgstate = getenvp("XDG_STATE_HOME", envp);
+-    if (xdgstate != NULL && xdgstate[0] == '/')
+-        snprintf(logfile, sizeof(logfile), "%s/tigervnc", xdgstate);
+-    else
+-        snprintf(logfile, sizeof(logfile), "%s/.local/state/tigervnc", homedir);
+    if (xdgstate != NULL && xdgstate[0] == '/') {
+        fmt_len = snprintf(logdir, sizeof(logdir), "%s/tigervnc", xdgstate);
+        if (fmt_len >= sizeof(logdir)) {
+            syslog(LOG_CRIT, "Log dir path too long");
+            _exit(EX_OSERR);
+        }
+    } else {
+        fmt_len = snprintf(logdir, sizeof(logdir), "%s/.local/state/tigervnc", homedir);
+        if (fmt_len >= sizeof(logdir)) {
+            syslog(LOG_CRIT, "Log dir path too long");
+            _exit(EX_OSERR);
+        }
+    }
+ 
+     snprintf(legacy, sizeof(legacy), "%s/.vnc", homedir);
+-    if (stat(logfile, &st) != 0 && stat(legacy, &st) == 0) {
+    if (stat(logdir, &st) != 0 && stat(legacy, &st) == 0) {
+         syslog(LOG_WARNING, "~/.vnc is deprecated, please consult 'man vncsession' for paths to migrate to.");
+-        strcpy(logfile, legacy);
+        strcpy(logdir, legacy);
+ 
+ #ifdef HAVE_SELINUX
+         /* this is only needed to handle historical type changes for the legacy dir */
+@@ -431,9 +441,9 @@ redir_stdio(const char *homedir, const char *display, char **envp)
+ #endif
+     }
+ 
+-    if (mkdir_p(logfile, 0755) == -1) {
+    if (mkdir_p(logdir, 0755) == -1) {
+         if (errno != EEXIST) {
+-            syslog(LOG_CRIT, "Failure creating \"%s\": %s", logfile, strerror(errno));
+            syslog(LOG_CRIT, "Failure creating \"%s\": %s", logdir, strerror(errno));
+             _exit(EX_OSERR);
+         }
+     }
+@@ -450,9 +460,24 @@ redir_stdio(const char *homedir, const char *display, char **envp)
+         _exit(EX_OSERR);
+     }
+ 
+-    snprintf(logfile + strlen(logfile), sizeof(logfile) - strlen(logfile), "/%s%s.log",
+-             hostname, display);
+    fmt_len = snprintf(logfile, sizeof(logfile), "/%s/%s%s.log", logdir, hostname, display);
+    if (fmt_len >= sizeof(logfile)) {
+        syslog(LOG_CRIT, "Log path too long");
+        _exit(EX_OSERR);
+    }
+    fmt_len = snprintf(logfile_old, sizeof(logfile_old), "/%s/%s%s.log.old", logdir, hostname, display);
+    if (fmt_len >= sizeof(logfile)) {
+        syslog(LOG_CRIT, "Log.old path too long");
+        _exit(EX_OSERR);
+    }
+     free(hostname);
+
+    if (stat(logfile, &st) == 0) {
+        if (rename(logfile, logfile_old) != 0) {
+            syslog(LOG_CRIT, "Failure renaming log file \"%s\" to \"%s\": %s", logfile, logfile_old, strerror(errno));
+            _exit(EX_OSERR);
+        }
+    }
+     fd = open(logfile, O_CREAT | O_WRONLY | O_TRUNC, 0644);
+     if (fd == -1) {
+         syslog(LOG_CRIT, "Failure creating log file \"%s\": %s", logfile, strerror(errno));
--- a/SOURCES/tigervnc-vncsession-restore-script-systemd-service.patch
+++ b/SOURCES/tigervnc-vncsession-restore-script-systemd-service.patch
--- a/SOURCES/tigervnc-vncsession-use-bin-sh-when-shell-not-set.patch
+++ b/SOURCES/tigervnc-vncsession-use-bin-sh-when-shell-not-set.patch
--- a/tigervnc-xserver120.patch
+++ b/tigervnc-xserver120.patch
@ -0,0 +1,138 @@
+diff --git a/configure.ac b/configure.ac
+index 0909cc5b4..c01873200 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -74,6 +74,7 @@ dnl forcing an entire recompile.x
+ AC_CONFIG_HEADERS(include/version-config.h)
+ 
+ AM_PROG_AS
+AC_PROG_CXX
+ AC_PROG_LN_S
+ LT_PREREQ([2.2])
+ LT_INIT([disable-static win32-dll])
+@@ -1735,6 +1736,14 @@ if test "x$XVFB" = xyes; then
+ 	AC_SUBST([XVFB_SYS_LIBS])
+ fi
+ 
+dnl Xvnc DDX
+AC_SUBST([XVNC_LIBS], ["$FB_LIB $FIXES_LIB $XEXT_LIB $CONFIG_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $DRI3_LIB $PRESENT_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $MAIN_LIB"])
+AC_SUBST([XVNC_SYS_LIBS], ["$GLX_SYS_LIBS"])
+
+PKG_CHECK_MODULES(GBM, "$LIBGBM", [GBM=yes], [GBM=no])
+if test "x$GBM" = xyes; then
+	AC_DEFINE(HAVE_GBM, 1, [Have GBM support])
+fi
+ 
+ dnl Xnest DDX
+ 
+@@ -2058,7 +2067,6 @@ if test "x$GLAMOR" = xyes; then
+ 			 [AC_DEFINE(GLAMOR_HAS_EGL_QUERY_DRIVER, 1, [Have GLAMOR_HAS_EGL_QUERY_DRIVER])],
+ 			 [])
+ 
+-	PKG_CHECK_MODULES(GBM, "$LIBGBM", [GBM=yes], [GBM=no])
+ 	if test "x$GBM" = xyes; then
+ 		AC_DEFINE(GLAMOR_HAS_GBM, 1,
+ 			  [Build glamor with GBM-based EGL support])
+@@ -2523,6 +2531,7 @@ hw/dmx/Makefile
+ hw/dmx/man/Makefile
+ hw/vfb/Makefile
+ hw/vfb/man/Makefile
+hw/vnc/Makefile
+ hw/xnest/Makefile
+ hw/xnest/man/Makefile
+ hw/xwin/Makefile
+diff --git a/dri3/Makefile.am b/dri3/Makefile.am
+index e47a734e0..99c3718a5 100644
+--- a/dri3/Makefile.am
+++ b/dri3/Makefile.am
+@@ -1,7 +1,7 @@
+ noinst_LTLIBRARIES = libdri3.la
+ AM_CFLAGS = \
+-	-DHAVE_XORG_CONFIG_H \
+-	@DIX_CFLAGS@ @XORG_CFLAGS@
+	@DIX_CFLAGS@ \
+	@LIBDRM_CFLAGS@
+
+ libdri3_la_SOURCES = \
+ 	dri3.h \
+diff --git a/dri3/dri3.c b/dri3/dri3.c
+index ba32facd7..191252969 100644
+--- a/dri3/dri3.c
+++ b/dri3/dri3.c
+@@ -20,10 +20,6 @@
+  * OF THIS SOFTWARE.
+  */
+ 
+-#ifdef HAVE_XORG_CONFIG_H
+-#include <xorg-config.h>
+-#endif
+-
+ #include "dri3_priv.h"
+ 
+ #include <drm_fourcc.h>
+diff --git a/dri3/dri3_priv.h b/dri3/dri3_priv.h
+index b087a9529..f319d1770 100644
+--- a/dri3/dri3_priv.h
+++ b/dri3/dri3_priv.h
+@@ -23,6 +23,7 @@
+ #ifndef _DRI3PRIV_H_
+ #define _DRI3PRIV_H_
+ 
+#include "dix-config.h"
+ #include <X11/X.h>
+ #include "scrnintstr.h"
+ #include "misc.h"
+diff --git a/dri3/dri3_request.c b/dri3/dri3_request.c
+index 958877efa..687168930 100644
+--- a/dri3/dri3_request.c
+++ b/dri3/dri3_request.c
+@@ -20,10 +20,6 @@
+  * OF THIS SOFTWARE.
+  */
+ 
+-#ifdef HAVE_XORG_CONFIG_H
+-#include <xorg-config.h>
+-#endif
+-
+ #include "dri3_priv.h"
+ #include <syncsrv.h>
+ #include <unistd.h>
+diff --git a/dri3/dri3_screen.c b/dri3/dri3_screen.c
+index b98259753..3c7e5bf60 100644
+--- a/dri3/dri3_screen.c
+++ b/dri3/dri3_screen.c
+@@ -20,10 +20,6 @@
+  * OF THIS SOFTWARE.
+  */
+ 
+-#ifdef HAVE_XORG_CONFIG_H
+-#include <xorg-config.h>
+-#endif
+-
+ #include "dri3_priv.h"
+ #include <syncsdk.h>
+ #include <misync.h>
+diff --git a/hw/Makefile.am b/hw/Makefile.am
+index 19895dc77..3ecfa8b7a 100644
+--- a/hw/Makefile.am
+++ b/hw/Makefile.am
+@@ -44,3 +44,5 @@ DIST_SUBDIRS = dmx xfree86 vfb xnest xwin xquartz kdrive xwayland
+ 
+ relink:
+ 	$(AM_V_at)for i in $(SUBDIRS) ; do $(MAKE) -C $$i relink || exit 1 ; done
+
+SUBDIRS += vnc
+diff --git a/include/dix-config.h.in b/include/dix-config.h.in
+index f8fc67067..d53c4e72f 100644
+--- a/include/dix-config.h.in
+++ b/include/dix-config.h.in
+@@ -83,6 +83,9 @@
+ /* Define to 1 if you have the <fcntl.h> header file. */
+ #undef HAVE_FCNTL_H
+ 
+/* Have GBM support */
+#undef HAVE_GBM
+
+ /* Define to 1 if you have the `getdtablesize' function. */
+ #undef HAVE_GETDTABLESIZE
+ 
--- a/SPECS/tigervnc.spec
+++ b/SPECS/tigervnc.spec
@ -4,13 +4,13 @@
 %global modulename vncsession

 Name:           tigervnc
-Version:        1.13.1
-Release:        13%{?dist}
+Version:        1.14.0
+Release:        3%{?dist}
 Summary:        A TigerVNC remote display system

 %global _hardened_build 1

-License:        GPLv2+
+License:        GPL-2.0-or-later
 URL:            http://www.tigervnc.com

 Source0:        %{name}-%{version}.tar.gz
@ -24,13 +24,13 @@ Source5:        vncserver
 # Downstream patches
 Patch1:         tigervnc-use-gnome-as-default-session.patch
 Patch2:         tigervnc-vncsession-restore-script-systemd-service.patch
-Patch3:         tigervnc-dont-install-appstream-metadata-file.patch

 # Upstream patches
-Patch50:        tigervnc-support-username-alias-in-plainusers.patch
-Patch51:        tigervnc-use-dup-to-get-available-fd-for-inetd.patch
-Patch52:        tigervnc-add-option-to-force-view-only-remote-connections.patch
-Patch53:        tigervnc-vncsession-use-bin-sh-when-shell-not-set.patch
+Patch50:        tigervnc-vncsession-use-bin-sh-when-shell-not-set.patch
+Patch51:        tigervnc-add-missing-coma-in-default-security-type-list.patch
+Patch52:        tigervnc-vncsession-move-existing-log-to-log-old-if-present.patch
+Patch53:        tigervnc-handle-existing-config-directory-in-vncpasswd.patch
+Patch54:        tigervnc-correctly-handle-zrle-cursors.patch

 # Upstreamable patches
 Patch80:        tigervnc-dont-get-pointer-position-for-floating-device.patch
@ -42,6 +42,7 @@ Patch101:       0001-rpath-hack.patch

 # XServer patches

+
 BuildRequires:  make
 BuildRequires:  gcc-c++
 BuildRequires:  gettext
@ -77,11 +78,13 @@ BuildRequires:  libXinerama-devel
 BuildRequires:  libXt-devel
 BuildRequires:  libXtst-devel
 BuildRequires:  libdrm-devel
+BuildRequires:  mesa-libgbm-devel
 BuildRequires:  libtool
 BuildRequires:  libxkbfile-devel
 BuildRequires:  libxshmfence-devel
 BuildRequires:  mesa-libGL-devel
-BuildRequires:  xorg-x11-font-utils
+BuildRequires:  pkgconfig(fontutil)
+BuildRequires:  pkgconfig(xkbcomp)
 BuildRequires:  xorg-x11-server-devel
 BuildRequires:  xorg-x11-server-source
 BuildRequires:  xorg-x11-util-macros
@ -126,10 +129,12 @@ X session.

 %package server-minimal
 Summary:        A minimal installation of TigerVNC server
-Requires(post): chkconfig
-Requires(preun):chkconfig
+Requires(post): systemd
+Requires(preun): systemd
+Requires(postun): systemd
+Requires(post): systemd

-Requires:       mesa-dri-drivers, xkeyboard-config, xorg-x11-xkb-utils
+Requires:       mesa-dri-drivers, xkeyboard-config, xkbcomp
 Requires:       tigervnc-license, dbus-x11

 %description server-minimal
@ -186,22 +191,24 @@ pushd unix/xserver
 for all in `find . -type f -perm -001`; do
        chmod -x "$all"
 done
-%patch100 -p1 -b .xserver120-rebased
-%patch101 -p1 -b .rpath
+# Xorg patches
+%patch -P100 -p1 -b .xserver120-rebased
+%patch -P101 -p1 -b .rpath
 popd

-%patch1 -p1 -b .use-gnome-as-default-session
-%patch2 -p1 -b .vncsession-restore-script-systemd-service
-%patch3 -p1 -b .dont-install-appstream-metadata-file.patch
+# Tigervnc patches
+%patch -P1 -p1 -b .use-gnome-as-default-session
+%patch -P2 -p1 -b .vncsession-restore-script-systemd-service

 # Upstream patches
-%patch50 -p1 -b .support-username-alias-in-plainusers
-%patch51 -p1 -b .use-dup-to-get-available-fd-for-inetd
-%patch52 -p1 -b .add-option-to-force-view-only-remote-connections
-%patch53 -p1 -b .tigervnc-vncsession-use-bin-sh-when-shell-not-set
+%patch -P50 -p1 -b .vncsession-use-bin-sh-when-shell-not-set
+%patch -P51 -p1 -b .add-missing-coma-in-default-security-type-list
+%patch -P52 -p1 -b .vncsession-move-existing-log-to-log-old-if-present
+%patch -P53 -p1 -b .handle-existing-config-directory-in-vncpasswd
+%patch -P54 -p1 -b .correctly-handle-zrle-cursors.patch

 # Upstreamable patches
-%patch80 -p1 -b .dont-get-pointer-position-for-floating-device
+%patch -P80 -p1 -b .dont-get-pointer-position-for-floating-device

 %build
 %ifarch sparcv9 sparc64 s390 s390x
@ -209,12 +216,22 @@ export CFLAGS="$RPM_OPT_FLAGS -fPIC"
 %else
 export CFLAGS="$RPM_OPT_FLAGS -fpic"
 %endif
-export CXXFLAGS="$CFLAGS"
+export CXXFLAGS="$CFLAGS -std=c++11"

-%{cmake} .
-make %{?_smp_mflags}
+%define __cmake_builddir %{_target_platform}
+
+mkdir -p %{%__cmake_builddir}
+
+%cmake
+
+%cmake_build

 pushd unix/xserver
+
+%if 0%{?fedora} > 32 || 0%{?rhel} >= 9
+sed -i 's@TIGERVNC_BUILDDIR=${TIGERVNC_SRCDIR}@TIGERVNC_BUILDDIR=${TIGERVNC_SRCDIR}/%{_target_platform}@g' hw/vnc/Makefile.am
+%endif
+
 autoreconf -fiv
 %configure \
        --disable-xorg --disable-xnest --disable-xvfb --disable-dmx \
@ -224,11 +241,10 @@ autoreconf -fiv
        --with-fontdir=%{_datadir}/X11/fonts \
        --with-xkb-output=%{_localstatedir}/lib/xkb \
        --enable-install-libxf86config \
-        --enable-glx --disable-dri --enable-dri2 --disable-dri3 \
+        --enable-glx --disable-dri --enable-dri2 --enable-dri3 \
        --disable-unit-tests \
        --disable-config-hal \
        --disable-config-udev \
-        --with-dri-driver-path=%{_libdir}/dri \
        --without-dtrace \
        --disable-devel-docs \
        --disable-selective-werror
@ -237,7 +253,11 @@ make %{?_smp_mflags}
 popd

 # Build icons
+%if 0%{?fedora} > 32 || 0%{?rhel} >= 9
+pushd %{_target_platform}/media
+%else
 pushd media
+%endif
 make
 popd

@ -246,19 +266,19 @@ pushd unix/vncserver/selinux
 make
 popd

-
 %install
-%make_install
+%cmake_install
+rm -f %{buildroot}%{_docdir}/%{name}-%{version}/{README.rst,LICENCE.TXT}

 pushd unix/xserver/hw/vnc
-make install DESTDIR=%{buildroot}
+%make_install
 popd

+# Install systemd unit file
 pushd unix/vncserver/selinux
 make install DESTDIR=%{buildroot}
 popd

-
 # Install systemd unit file
 install -m644 %{SOURCE1} %{buildroot}%{_unitdir}/xvnc@.service
 install -m644 %{SOURCE2} %{buildroot}%{_unitdir}/xvnc.socket
@ -272,7 +292,21 @@ install -m644 tigervnc_$s.png %{buildroot}%{_datadir}/icons/hicolor/${s}x$s/apps
 done
 popd

+appstream-util validate-relax --nonet %{buildroot}%{_metainfodir}/org.tigervnc.vncviewer.metainfo.xml
+desktop-file-validate %{buildroot}%{_datadir}/applications/vncviewer.desktop
+
+%if 0%{?rhel} > 9
+# Install a replacement for /usr/bin/vncserver which will tell the user to read the
+# HOWTO.md file
+cat <<EOF > %{buildroot}/%{_bindir}/vncserver
+#!/bin/bash
+echo "vncserver has been replaced by a systemd unit."
+echo "Please read /usr/share/doc/tigervnc/HOWTO.md for more information."
+EOF
+chmod +x %{buildroot}/%{_bindir}/vncserver
+%else
 install -m 755 %{SOURCE5} %{buildroot}/%{_bindir}/vncserver
+%endif

 %find_lang %{name} %{name}.lang

@ -283,15 +317,14 @@ mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/
 install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf

 %post server
-%systemd_post xvnc.service
+%systemd_post xvnc@.service
 %systemd_post xvnc.socket

 %preun server
-%systemd_preun xvnc.service
 %systemd_preun xvnc.socket

 %postun server
-%systemd_postun xvnc.service
+%systemd_postun xvnc@.service
 %systemd_postun xvnc.socket

 %pre selinux
@ -313,6 +346,7 @@ fi
 %{_bindir}/vncviewer
 %{_datadir}/applications/*
 %{_mandir}/man1/vncviewer.1*
+%{_datadir}/metainfo/org.tigervnc.vncviewer.metainfo.xml

 %files server
 %config(noreplace) %{_sysconfdir}/pam.d/tigervnc
@ -322,8 +356,8 @@ fi
 %{_unitdir}/vncserver@.service
 %{_unitdir}/xvnc@.service
 %{_unitdir}/xvnc.socket
-%{_bindir}/x0vncserver
 %{_bindir}/vncserver
+%{_bindir}/x0vncserver
 %{_sbindir}/vncsession
 %{_libexecdir}/vncserver
 %{_libexecdir}/vncsession-start
@ -343,7 +377,7 @@ fi

 %files server-module
 %{_libdir}/xorg/modules/extensions/libvnc.so
-%config %{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
+%config(noreplace) %{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf

 %files license
 %{_docdir}/tigervnc/LICENCE.TXT
@ -356,255 +390,292 @@ fi
 %ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}

 %changelog
-* Mon Aug 05 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-13
+* Wed Sep 04 2024 Jan Grulich <jgrulich@redhat.com> - 1.14.0-3
+- Move old log to log.old if present (fix patch)
+  Resolves: RHEL-54294
+
+* Tue Aug 23 2024 Jan Grulich <jgrulich@redhat.com> - 1.14.0-2
+- 1.14.0
+  Resolves: RHEL-45316
+- Move old log to log.old if present
+  Resolves: RHEL-54294
+- Fix shared memory leak
+  Resolves: RHEL-55768
+
+* Mon Aug 05 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-11
 - vncsession: use /bin/sh if the user shell is not set
-  Resolves: RHEL-52827
+  Resolves: RHEL-50679

-* Fri Jul 12 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-12
- Fix FTBS: drop already applied Xorg patches
-  Resolves: RHEL-46696
-
-* Tue May 28 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-11
+* Tue May 28 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-10
 - vncconfig: add option to force view-only remote client connections
-  Resolves: RHEL-11908
+  Resolves: RHEL-12144

-* Mon Apr 15 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-10
- Drop patches that are already part of xorg-x11-server
-  Resolves: RHEL-30755
-  Resolves: RHEL-30767
-  Resolves: RHEL-30761
-
-* Thu Apr 04 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-9
+* Tue Apr 16 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-9
 - Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
-  Resolves: RHEL-30755
+  Resolves: RHEL-30756
 - Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs
-  Resolves: RHEL-30767
+  Resolves: RHEL-30768
 - Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
-  Resolves: RHEL-30761
+  Resolves: RHEL-30762

 * Wed Feb 07 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-8
 - Fix copy/paste error in the DeviceStateNotify
-  Resolves: RHEL-20530
+  Resolves: RHEL-20533

 * Mon Jan 22 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-7
 - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
-  Resolves: RHEL-20388
+  Resolves: RHEL-20389
 - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
-  Resolves: RHEL-20382
+  Resolves: RHEL-20383
 - Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
-  Resolves: RHEL-20530
+  Resolves: RHEL-20533
 - Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
-  Resolves: RHEL-21214
+  Resolves: RHEL-21213

 * Mon Jan 08 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-6
 - Use dup() to get available file descriptor when using -inetd option
-  Resolves: RHEL-21000
+  Resolves: RHEL-19858

 * Mon Dec 18 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-5
 - Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
-  Resolves: RHEL-18410
+  Resolves: RHEL-18414
 - Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
-  Resolves: RHEL-18422
+  Resolves: RHEL-18426

 * Wed Nov 01 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-4
 - Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
-  Resolves: RHEL-15236
+  Resolves: RHEL-15237

 - Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
-  Resolves: RHEL-15230
+  Resolves: RHEL-15249

 * Mon Oct 09 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-3
 - Support username alias in PlainUsers
-  Resolves: RHEL-4258
+  Resolves: RHEL-8430

 * Tue Apr 11 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-2
 - xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege
  Escalation Vulnerability
-  Resolves: bz#2180306
+  Resolves: bz#2180310

 * Tue Mar 21 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-1
 - 1.13.1
-  Resolves: bz#2175748
- Restore "--fallbacktofreeport" option in the vncserver script
-  Resolves: bz#2174398
+  Resolves: bz#2175732

-* Thu Dec 08 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-9
- Bump build version to fix upgrade path
-  Resolves: bz#1437569
+* Tue Feb 21 2023 Jan Grulich <jgrulich@redhat.com> - 1.12.0-12
+- SELinux: allow vncsession create .vnc directory
+  Resolves: bz#2164703

-* Fri Nov 18 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-8
+* Wed Feb 15 2023 Jan Grulich <jgrulich@redhat.com> - 1.12.0-11
+- Add sanity check when cleaning up keymap changes
+  Resolves: bz#2169965
+
+* Mon Feb 06 2023 Jan Grulich <jgrulich@redhat.com> - 1.12.0-10
+- xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation
+  Resolves: bz#2167061
+
+* Tue Dec 20 2022 Tomas Popela <tpopela@redhat.com> - 1.12.0-9
+- Rebuild for xorg-x11-server CVE-2022-46340 follow up fix
+
+* Fri Dec 16 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-8
+- Rebuild for xorg-x11-server CVEs
+  Resolves: CVE-2022-4283 (bz#2154234)
+  Resolves: CVE-2022-46340 (bz#2154221)
+  Resolves: CVE-2022-46341 (bz#2154224)
+  Resolves: CVE-2022-46342 (bz#2154226)
+  Resolves: CVE-2022-46343 (bz#2154228)
+  Resolves: CVE-2022-46344 (bz#2154230)
+
+* Thu Dec 01 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-7
 - x0vncserver: add new keysym in case we don't find matching keycode
-  Resolves: bz#1437569
+  + actually apply the patch
+  Resolves: bz#2119017

-* Wed Aug 24 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-7
+* Thu Dec 01 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-6
+- x0vncserver: add new keysym in case we don't find matching keycode
+  Resolves: bz#2119017
+
+* Mon Oct 24 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-5
 - x0vncserver: fix ghost cursor in zaphod mode (better version)
-  Resolves: bz#2109679
+  Resolves: bz#2119016

-* Wed Aug 17 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-6
- x0vncserver: fix ghost cursor in zaphod mode
-  Resolves: bz#2109679
+* Tue May 31 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-4
+- Add BR: libXdamage, libXfixes, libXrandr
+  Resolves: bz#2091833

-* Tue May 31 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-5
- BR: libXdamage, libXfixes, libXrandr
-  Resolves: bz#2088733
+* Tue Apr 05 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-3
+- Do not run systemd_preun on Xvnc service file
+  Resolves: bz#2048011

-* Tue Feb 08 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-4
+* Mon Apr 04 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-2
+- Drop unexisting option from the old vncserver script
+  Resolves: bz#2021893
+
+* Wed Mar 23 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-1
+- 1.12.0 + sync with Fedora
+  Resolves: bz#2048011
+  Resolves: bz#2021893
+
+* Mon Feb 07 2022 Jan Grulich <jgrulich@redhat.com> - 1.11.0-21
 - Added vncsession-restore script for SELinux policy migration
  Fix SELinux context for root user
-  Resolves: bz#2021892
+  Resolves: bz#2049506

-* Fri Jan 21 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-3
- Fix crash in vncviewer
-  Resolves: bz#2021892
+* Fri Nov 26 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-20
+- Rebuild for absence in RHEL 9.0
+  Resolves: bz#1985858

-* Fri Jan 14 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-2
- Remove unavailable option from vncserver script
-  Resolves: bz#2021892
+* Mon Aug 16 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-19
+- Sync upstream patches + drop unused patches
+  Resolves: bz#1985858

-* Fri Jan 14 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-1
- 1.12.0
-  Resolves: bz#2021892
+* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.11.0-18
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688

-* Mon Jul 19 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-9
+* Mon Jul 19 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-17
 - Fix logout from VNC session using vncserver
-  Resolves: bz#1983706
+  Resolves: bz#1983704

-* Tue Jun 01 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-8
- Run all SELinux RPM macros on correct package
-  Resolves: bz#1907963
+* Tue Jun 01 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-16
+- Bump version for rebuild (binutils)
+  Resolves: bz#1961488

-* Mon May 17 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-7
+* Mon May 17 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-14
 - SELinux improvements
-  Resolves: bz#1907963
+  Resolves: bz#1961488

-* Tue Dec 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-6
- Use GNOME as default session
-  Resolves: bz#1853608
+- Fix endianness issue on s390x
+  Resolves: bz#1963029

-* Thu Dec 03 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-5
- Make sure we log properly output to journal (actually log to syslog)
-  Resolves: bz#1841537
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.11.0-13
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937

-* Thu Dec 03 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-4
- Make sure we log properly output to journal
-  Resolves: bz#1841537
+* Mon Mar 08 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-12
+- Include RHEL8 patches

-* Wed Nov 18 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-3
- vncserver: ignore new "session" parameter from the new systemd support
-  Resolves: bz#1897504
+* Fri Mar 05 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-11
+- Enable old vncserver script for RHEL 9

-* Wed Nov 18 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-2
- Revert removal of vncserver
-  Resolves: bz#1897504
- Correctly start vncsession as a daemon
-  Resolves: bz#1897498
+* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.11.0-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

-* Tue Oct 20 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-1
- Update to 1.11.0
-  Resolves: bz#1880985
- Backport fix to allow Tigervnc use boolean values in config files
-  Resolves: bz#1883415
+* Thu Dec 10 07:45:46 CET 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-9
+- vncserver: ignore new session parameter from the new systemd support

-* Wed Sep 30 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-8
- Tolerate specifying -BoolParam 0 and similar
-  Resolves: bz#1883415
+* Fri Nov 13 14:08:29 CET 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-8
+- Use /run instead of /var/run which is just a symlink

-* Wed Jul 08 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-7
- Enable server module on s390x
-  Resolves: bz#1854925
+* Thu Nov 05 2020 Peter Hutterer <peter.hutterer@redhat.com> 1.11.0-7
+- Require xkbcomp directly, not xorg-x11-xkb-utils. The latter has had
+  Provides xkbcomp for years.

-* Fri Jul 03 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-6
- Remove trailing spaces in user name
-  Resolves: bz#1852432
+* Tue Sep 29 13:12:22 CEST 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-6
+- Backport upstream fix allowing Tigervnc to specify boolean valus in configuration
+- Revert removal of vncserver for F32 and F33

-* Thu Jun 25 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-5
- Install the HOWTO file to correct location
+* Thu Sep 24 07:14:06 CEST 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-5
+- Actually install the HOWTO.md file
+
+* Wed Sep 23 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-4
+- Call systemd macros on correct service file
+
+* Tue Sep 22 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-3
+- Do not overwrite libvnc.conf config file
+
+* Thu Sep 17 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-2
 - Add /usr/bin/vncserver file informing users to read the HOWTO.md file
-  Resolves: bz#1790443

-* Mon Jun 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-4
- Improve SELinux policy
-  Resolves: bz#1790443
+* Wed Sep 09 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-1
+- 1.11.0

-* Mon Jun 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-3
- Add a HOWTO.md file with instructions how to start VNC server
-  Resolves: bz#1790443
+* Mon Aug 24 2020 Jan Grulich <jgrulich@redhat.com. - 1.10.90-1
+- Update to 1.10.90 (1.11.0 beta)

-* Tue May 26 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-2
- Make the systemd service run also for root user
-  Resolves: bz#1790443
+* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-9
+- Second attempt - Rebuilt for
+  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

-* Mon Apr 27 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-1
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 1.10.1-7
+- Use make macros
+- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
+
+* Sat Jul 11 2020 Jiri Vanek <jvanek@redhat.com> - 1.10.1-6
+- Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11
+
+* Sun Apr 19 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-5
+- Requires: dbus-x11
+  Resolves: bz#1825331
+
+* Fri Mar 13 2020 Olivier Fourdan <ofourdan@redhat.com> - 1.10.1-4
+- Fix build with xserver 1.20.7
+
+* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Mon Jan 13 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-2
+- Build with -std=c++11
+
+* Fri Dec 20 2019 Jan Grulich <jgrulich@redhat.com> - 1.10.1-1
 - Update to 1.10.1
-  Resolves: bz#1806992

- Add proper systemd support
-  Resolves: bz#1790443
+* Tue Dec 10 2019 Jan Grulich <jgrulich@redhat.com> - 1.10.0-2
+- Properly install systemd files

-* Tue Jan 28 2020 Jan Grulich <jgrulich@redhat.com> - 1.9.0-13
- Bump build because of z-stream
-  Resolves: bz#1671714
+* Mon Nov 18 2019 Jan Grulich <jgrulich@redhat.com> - 1.10.0-1
+- Update to 1.10.0

-* Wed Dec 11 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-12
- Fix installation of systemd files
-  Resolves: bz#1671714
+* Fri Oct 18 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.90-1
+- Update to 1.9.90 (1.10 beta)
+- Add systemd user service file
+- Use a wrapper for systemd system service file to workaround systemd limitations

-* Wed Nov 20 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-11
- Use wrapper script to workaround systemd issues
-  Resolves: bz#1671714
+* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.0-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

-* Fri Jul 12 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-10
- Do not return returncode indicating error when running "vncserver -list"
-  Resolves: bz#1727860
+* Fri Jul 19 2019 Dan Horák <dan[at]danny.cz> - 1.9.0-6
+- drop the s390x special handling (related #1727029)

-* Fri Feb 08 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-9
- Make tigervnc systemd service a user service
-  Resolves: bz#1639846
+* Wed Jun 12 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-5
+- Add missing arguments to systemd_postun scriptlets
+  Resolves: bz#1716411

-* Mon Jan 21 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-8
- Kill the session automatically only when Gnome is installed
-  Resolves: bz#1665876
+* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.0-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

-* Tue Nov 20 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-7
- Improve coverity scan fixes
-  Resolves: bz#1602714
-
-  Inform whether view-only password is used or not
-  Resolves: bz#1639169
-
-  Backport fixes from RHEL 7
-  Resolves: bz#1651254
-
-* Tue Oct 09 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-6
+* Tue Sep 25 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-3
 - Do not crash passwd when using malloc perturb checks
-  Resolves: bz#1637086
-
-* Mon Oct 08 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-5
- Improve coverity scan fixes
-  Resolves: bz#1602714
-
-* Wed Oct 03 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-4
- Improve coverity scan fixes
-  Resolves: bz#1602714
-
-* Wed Oct 03 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-3
- Fix some coverity scan issues
-  Resolves: bz#1602714
+  Resolves: bz#1631483

 * Wed Aug 01 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-2
- Remove dependency on initscripts
+- Ignore buttons in mouse leave events
+  Resolves: bz#1609516

 * Tue Jul 17 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-1
- Update to 1.9.0 + sync with Fedora
+- Update to 1.9.0

-* Tue Jun 12 2018 Adam Jackson <ajax@redhat.com> - 1.8.0-10
- Fix GLX initialization with Xorg 1.20
+* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.90-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

-* Tue May 29 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.0-9
- Build against Xorg 1.20
+* Wed Jul  4 2018 Peter Robinson <pbrobinson@fedoraproject.org> 1.8.90-2
+- Clean up spec: use macros consistenly, drop old sys-v migrations
+- Drop ancient obsolete/provides

-* Mon May 14 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.0-8
- Drop BR: ImageMagick
+* Thu Jun 14 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.90-1
+- Update to 1.8.90
+
+* Wed Jun 13 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.0-10
+- Fix tigervnc systemd unit file
+  Resolves: bz#1583159
+
+* Wed Jun 06 2018 Adam Jackson <ajax@redhat.com> - 1.8.0-9
+- Fix GLX initialization with 1.20
+
+* Wed Apr 04 2018 Adam Jackson <ajax@redhat.com> - 1.8.0-8
+- Rebuild for xserver 1.20

 * Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.0-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--- a/SOURCES/vncserver
+++ b/SOURCES/vncserver
--- a/vncserver.man
+++ b/vncserver.man
@ -0,0 +1,204 @@
+.TH vncserver 1 "" "TigerVNC" "Virtual Network Computing"
+.SH NAME
+vncserver \- start or stop a VNC server
+.SH SYNOPSIS
+.B vncserver
+.RI [: display# ]
+.RB [ \-name
+.IR desktop-name ]
+.RB [ \-geometry
+.IR width x height ]
+.RB [ \-depth
+.IR depth ]
+.RB [ \-pixelformat
+.IR format ]
+.RB [ \-fp
+.IR font-path ]
+.RB [ \-fg ]
+.RB [ \-autokill ]
+.RB [ \-noxstartup ]
+.RB [ \-xstartup
+.IR script ]
+.RI [ Xvnc-options... ]
+.br
+.BI "vncserver \-kill :" display#
+.br
+.BI "vncserver \-list"
+.SH DESCRIPTION
+.B vncserver
+is used to start a VNC (Virtual Network Computing) desktop.
+.B vncserver
+is a Perl script which simplifies the process of starting an Xvnc server.  It
+runs Xvnc with appropriate options and starts a window manager on the VNC
+desktop.
+
+.B vncserver
+can be run with no options at all. In this case it will choose the first
+available display number (usually :1), start Xvnc with that display number,
+and start the default window manager in the Xvnc session.  You can also
+specify the display number, in which case vncserver will attempt to start
+Xvnc with that display number and exit if the display number is not
+available.  For example:
+
+.RS
+vncserver :13
+.RE
+
+Editing the file $HOME/.vnc/xstartup allows you to change the applications run
+at startup (but note that this will not affect an existing VNC session.)
+
+.SH OPTIONS
+You can get a list of options by passing \fB\-h\fP as an option to vncserver.
+In addition to the options listed below, any unrecognised options will be
+passed to Xvnc - see the Xvnc man page, or "Xvnc \-help", for details.
+
+.TP
+.B \-name \fIdesktop-name\fP
+Each VNC desktop has a name which may be displayed by the viewer. The desktop
+name defaults to "\fIhost\fP:\fIdisplay#\fP (\fIusername\fP)", but you can
+change it with this option.  The desktop name option is passed to the xstartup
+script via the $VNCDESKTOP environment variable, which allows you to run a
+different set of applications depending on the name of the desktop.
+.
+.TP
+.B \-geometry \fIwidth\fPx\fIheight\fP
+Specify the size of the VNC desktop to be created. Default is 1024x768.
+.
+.TP
+.B \-depth \fIdepth\fP
+Specify the pixel depth (in bits) of the VNC desktop to be created. Default is
+24.  Other possible values are 8, 15 and 16 - anything else is likely to cause
+strange behaviour by applications.
+.
+.TP
+.B \-pixelformat \fIformat\fP
+Specify pixel format for Xvnc to use (BGRnnn or RGBnnn).  The default for
+depth 8 is BGR233 (meaning the most significant two bits represent blue, the
+next three green, and the least significant three represent red), the default
+for depth 16 is RGB565, and the default for depth 24 is RGB888.
+.
+.TP
+.B \-cc 3
+As an alternative to the default TrueColor visual, this allows you to run an
+Xvnc server with a PseudoColor visual (i.e. one which uses a color map or
+palette), which can be useful for running some old X applications which only
+work on such a display.  Values other than 3 (PseudoColor) and 4 (TrueColor)
+for the \-cc option may result in strange behaviour, and PseudoColor desktops
+must have an 8-bit depth.
+.
+.TP
+.B \-kill :\fIdisplay#\fP
+This kills a VNC desktop previously started with vncserver.  It does this by
+killing the Xvnc process, whose process ID is stored in the file
+"$HOME/.vnc/\fIhost\fP:\fIdisplay#\fP.pid".  The
+.B \-kill
+option ignores anything preceding the first colon (":") in the display
+argument.  Thus, you can invoke "vncserver \-kill $DISPLAY", for example at the
+end of your xstartup file after a particular application exits.
+.
+.TP
+.B \-fp \fIfont-path\fP
+If the vncserver script detects that the X Font Server (XFS) is running, it
+will attempt to start Xvnc and configure Xvnc to use XFS for font handling.
+Otherwise, if XFS is not running, the vncserver script will attempt to start
+Xvnc and allow Xvnc to use its own preferred method of font handling (which may
+be a hard-coded font path or, on more recent systems, a font catalog.)  In
+any case, if Xvnc fails to start, the vncserver script will then attempt to
+determine an appropriate X font path for this system and start Xvnc using
+that font path.
+
+The
+.B \-fp
+argument allows you to override the above fallback logic and specify a font
+path for Xvnc to use.
+.
+.TP
+.B \-fg
+Runs Xvnc as a foreground process.  This has two effects: (1) The VNC server
+can be aborted with CTRL-C, and (2) the VNC server will exit as soon as the
+user logs out of the window manager in the VNC session.  This may be necessary
+when launching TigerVNC from within certain grid computing environments.
+.
+.TP
+.B \-autokill
+Automatically kill Xvnc whenever the xstartup script exits.  In most cases,
+this has the effect of terminating Xvnc when the user logs out of the window
+manager.
+.
+.TP
+.B \-noxstartup
+Do not run the %HOME/.vnc/xstartup script after launching Xvnc.  This
+option allows you to manually start a window manager in your TigerVNC session.
+.
+.TP
+.B \-xstartup \fIscript\fP
+Run a custom startup script, instead of %HOME/.vnc/xstartup, after launching
+Xvnc. This is useful to run full-screen applications.
+.
+.TP
+.B \-list
+Lists all VNC desktops started by vncserver.
+
+.SH FILES
+Several VNC-related files are found in the directory $HOME/.vnc:
+.TP
+$HOME/.vnc/xstartup
+A shell script specifying X applications to be run when a VNC desktop is
+started.  If this file does not exist, then vncserver will create a default
+xstartup script which attempts to launch your chosen window manager.
+.TP
+/etc/tigervnc/vncserver-config-defaults
+The optional system-wide equivalent of $HOME/.vnc/config. If this file exists
+and defines options to be passed to Xvnc, they will be used as defaults for
+users. The user's $HOME/.vnc/config overrides settings configured in this file.
+The overall configuration file load order is: this file, $HOME/.vnc/config,
+and then /etc/tigervnc/vncserver-config-mandatory. None are required to exist.
+.TP
+/etc/tigervnc/vncserver-config-mandatory
+The optional system-wide equivalent of $HOME/.vnc/config. If this file exists
+and defines options to be passed to Xvnc, they will override any of the same
+options defined in a user's $HOME/.vnc/config. This file offers a mechanism
+to establish some basic form of system-wide policy. WARNING! There is
+nothing stopping users from constructing their own vncserver-like script
+that calls Xvnc directly to bypass any options defined in
+/etc/tigervnc/vncserver-config-mandatory.  Likewise, any CLI arguments passed
+to vncserver will override ANY config file setting of the same name. The
+overall configuration file load order is:
+/etc/tigervnc/vncserver-config-defaults, $HOME/.vnc/config, and then this file.
+None are required to exist.
+.TP
+$HOME/.vnc/config
+An optional server config file wherein options to be passed to Xvnc are listed
+to avoid hard-coding them to the physical invocation. List options in this file
+one per line. For those requiring an argument, simply separate the option from
+the argument with an equal sign, for example: "geometry=2000x1200" or
+"securitytypes=vncauth,tlsvnc". Options without an argument are simply listed
+as a single word, for example: "localhost" or "alwaysshared".
+.TP
+$HOME/.vnc/passwd
+The VNC password file.
+.TP
+$HOME/.vnc/\fIhost\fP:\fIdisplay#\fP.log
+The log file for Xvnc and applications started in xstartup.
+.TP
+$HOME/.vnc/\fIhost\fP:\fIdisplay#\fP.pid
+Identifies the Xvnc process ID, used by the
+.B \-kill
+option.
+
+.SH SEE ALSO
+.BR vncviewer (1),
+.BR vncpasswd (1),
+.BR vncconfig (1),
+.BR Xvnc (1)
+.br
+https://www.tigervnc.org
+
+.SH AUTHOR
+Tristan Richardson, RealVNC Ltd., D. R. Commander and others.
+
+VNC was originally developed by the RealVNC team while at Olivetti
+Research Ltd / AT&T Laboratories Cambridge.  TightVNC additions were
+implemented by Constantin Kaplinsky. Many other people have since
+participated in development, testing and support. This manual is part
+of the TigerVNC software suite.
--- a/SOURCES/xvnc.service
+++ b/SOURCES/xvnc.service
@ -32,7 +32,7 @@
 Description=XVNC Per-Connection Daemon

 [Service]
-ExecStart=-/usr/bin/Xvnc -inetd -query localhost -geometry 1024x768 -depth 24 -once -SecurityTypes=None -Log *:syslog:30
+ExecStart=-/usr/bin/Xvnc -inetd -query localhost -geometry 1024x768 -depth 24 -once -SecurityTypes=None
 User=nobody
 StandardInput=socket
 StandardError=syslog
--- a/SOURCES/xvnc.socket
+++ b/SOURCES/xvnc.socket
				`@ -1 +0,0 @@`
				`6f7a23f14833f552c88523da1a5e102f3b8d35c2 SOURCES/tigervnc-1.13.1.tar.gz`
				`@ -0,0 +1 @@`
				`SHA512 (tigervnc-1.14.0.tar.gz) = ee36f0aa40957274fb00fd755624a8bea80432d797d6c183645ed1251058ab30594d2261693b5655c5ca85a22e53f93029eeccc51fe86780398d1a017fa2311c`