SOURCES/10-libvnc.conf

@@ -12,7 +12,7 @@
 #EndSection
 
 #Section "Screen"
-#    Identifier "Screen0"
+#    Identifier "Screen0
 #    DefaultDepth 16
 #    Option "SecurityTypes" "VncAuth"
 #    Option "PasswordFile" "/root/.vnc/passwd"

SOURCES/tigervnc-dont-install-appstream-metadata-file.patch

@@ -1,51 +0,0 @@
-diff --git a/po/CMakeLists.txt b/po/CMakeLists.txt
-index 052cfb3..c84fb0e 100644
---- a/po/CMakeLists.txt
-+++ b/po/CMakeLists.txt
-@@ -14,7 +14,6 @@ if (GETTEXT_XGETTEXT_EXECUTABLE)
-     ${PROJECT_SOURCE_DIR}/vncviewer/*.h
-     ${PROJECT_SOURCE_DIR}/vncviewer/*.cxx
-     ${PROJECT_SOURCE_DIR}/vncviewer/*.desktop.in.in
--    ${PROJECT_SOURCE_DIR}/vncviewer/*.metainfo.xml.in
-   )
- 
-   add_custom_target(translations_update
-diff --git a/vncviewer/CMakeLists.txt b/vncviewer/CMakeLists.txt
-index 15eac66..450b732 100644
---- a/vncviewer/CMakeLists.txt
-+++ b/vncviewer/CMakeLists.txt
-@@ -100,34 +100,6 @@ if(UNIX)
-   add_custom_target(desktop ALL DEPENDS vncviewer.desktop)
-   install(FILES ${CMAKE_CURRENT_BINARY_DIR}/vncviewer.desktop DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/applications)
- 
--  if("${GETTEXT_VERSION_STRING}" VERSION_GREATER 0.19.6)
--    add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
--      COMMAND ${GETTEXT_MSGFMT_EXECUTABLE}
--                --xml --template ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
--                -d ${CMAKE_SOURCE_DIR}/po -o org.tigervnc.vncviewer.metainfo.xml
--      DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
--    )
--  elseif(INTLTOOL_MERGE_EXECUTABLE)
--    add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
--      COMMAND sed -e 's@<name>@<_name>@\;s@</name>@</_name>@'
--                  -e 's@<summary>@<_summary>@\;s@</summary>@</_summary>@'
--                  -e 's@<caption>@<_caption>@\;s@</caption>@</_caption>@'
--                  -e 's@<p>@<_p>@g\;s@</p>@</_p>@g'
--                ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in > org.tigervnc.vncviewer.metainfo.xml.intl
--      COMMAND ${INTLTOOL_MERGE_EXECUTABLE}
--                -x ${CMAKE_SOURCE_DIR}/po
--                org.tigervnc.vncviewer.metainfo.xml.intl org.tigervnc.vncviewer.metainfo.xml
--      DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
--    )
--  else()
--    add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
--      COMMAND cp ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in org.tigervnc.vncviewer.metainfo.xml
--      DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
--    )
--  endif()
--  add_custom_target(appstream ALL DEPENDS org.tigervnc.vncviewer.metainfo.xml)
--  install(FILES ${CMAKE_CURRENT_BINARY_DIR}/org.tigervnc.vncviewer.metainfo.xml DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/metainfo)
--
-   foreach(res 16 22 24 32 48 64 128)
-     install(FILES ../media/icons/tigervnc_${res}.png DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/icons/hicolor/${res}x${res}/apps RENAME tigervnc.png)
-   endforeach()

SOURCES/xorg-CVE-2024-0229-followup.patch

@@ -0,0 +1,32 @@
+From 133e0d651c5d12bf01999d6289e84e224ba77adc Mon Sep 17 00:00:00 2001
+From: Peter Hutterer <peter.hutterer@who-t.net>
+Date: Mon, 22 Jan 2024 14:22:12 +1000
+Subject: [PATCH] dix: fix valuator copy/paste error in the DeviceStateNotify
+ event
+
+Fixes 219c54b8a3337456ce5270ded6a67bcde53553d5
+---
+ dix/enterleave.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/dix/enterleave.c b/dix/enterleave.c
+index 7b7ba1098b..c1e6ac600e 100644
+--- a/dix/enterleave.c
++++ b/dix/enterleave.c
+@@ -619,11 +619,11 @@ FixDeviceValuator(DeviceIntPtr dev, deviceValuator * ev, ValuatorClassPtr v,
+     ev->first_valuator = first;
+     switch (ev->num_valuators) {
+     case 6:
+-        ev->valuator2 = v->axisVal[first + 5];
++        ev->valuator5 = v->axisVal[first + 5];
+     case 5:
+-        ev->valuator2 = v->axisVal[first + 4];
++        ev->valuator4 = v->axisVal[first + 4];
+     case 4:
+-        ev->valuator2 = v->axisVal[first + 3];
++        ev->valuator3 = v->axisVal[first + 3];
+     case 3:
+         ev->valuator2 = v->axisVal[first + 2];
+     case 2:
+--
+GitLab

SOURCES/xorg-CVE-2024-31080.patch

@@ -0,0 +1,45 @@
+From 96798fc1967491c80a4d0c8d9e0a80586cb2152b Mon Sep 17 00:00:00 2001
+From: Alan Coopersmith <alan.coopersmith@oracle.com>
+Date: Fri, 22 Mar 2024 18:51:45 -0700
+Subject: [PATCH 1/4] Xi: ProcXIGetSelectedEvents needs to use unswapped length
+ to send reply
+
+CVE-2024-31080
+
+Reported-by: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=69762
+Fixes: 53e821ab4 ("Xi: add request processing for XIGetSelectedEvents.")
+Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463>
+---
+ Xi/xiselectev.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/Xi/xiselectev.c b/Xi/xiselectev.c
+index edcb8a0d3..ac1494987 100644
+--- a/Xi/xiselectev.c
++++ b/Xi/xiselectev.c
+@@ -349,6 +349,7 @@ ProcXIGetSelectedEvents(ClientPtr client)
+     InputClientsPtr others = NULL;
+     xXIEventMask *evmask = NULL;
+     DeviceIntPtr dev;
++    uint32_t length;
+ 
+     REQUEST(xXIGetSelectedEventsReq);
+     REQUEST_SIZE_MATCH(xXIGetSelectedEventsReq);
+@@ -418,10 +419,12 @@ ProcXIGetSelectedEvents(ClientPtr client)
+         }
+     }
+ 
++    /* save the value before SRepXIGetSelectedEvents swaps it */
++    length = reply.length;
+     WriteReplyToClient(client, sizeof(xXIGetSelectedEventsReply), &reply);
+ 
+     if (reply.num_masks)
+-        WriteToClient(client, reply.length * 4, buffer);
++        WriteToClient(client, length * 4, buffer);
+ 
+     free(buffer);
+     return Success;
+-- 
+2.44.0
+

SOURCES/xorg-CVE-2024-31081.patch

@@ -0,0 +1,43 @@
+From 3e77295f888c67fc7645db5d0c00926a29ffecee Mon Sep 17 00:00:00 2001
+From: Alan Coopersmith <alan.coopersmith@oracle.com>
+Date: Fri, 22 Mar 2024 18:56:27 -0700
+Subject: [PATCH 2/4] Xi: ProcXIPassiveGrabDevice needs to use unswapped length
+ to send reply
+
+CVE-2024-31081
+
+Fixes: d220d6907 ("Xi: add GrabButton and GrabKeysym code.")
+Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463>
+---
+ Xi/xipassivegrab.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/Xi/xipassivegrab.c b/Xi/xipassivegrab.c
+index c9ac2f855..896233bec 100644
+--- a/Xi/xipassivegrab.c
++++ b/Xi/xipassivegrab.c
+@@ -93,6 +93,7 @@ ProcXIPassiveGrabDevice(ClientPtr client)
+     GrabParameters param;
+     void *tmp;
+     int mask_len;
++    uint32_t length;
+ 
+     REQUEST(xXIPassiveGrabDeviceReq);
+     REQUEST_FIXED_SIZE(xXIPassiveGrabDeviceReq,
+@@ -247,9 +248,11 @@ ProcXIPassiveGrabDevice(ClientPtr client)
+         }
+     }
+ 
++    /* save the value before SRepXIPassiveGrabDevice swaps it */
++    length = rep.length;
+     WriteReplyToClient(client, sizeof(rep), &rep);
+     if (rep.num_modifiers)
+-        WriteToClient(client, rep.length * 4, modifiers_failed);
++        WriteToClient(client, length * 4, modifiers_failed);
+ 
+  out:
+     free(modifiers_failed);
+-- 
+2.44.0
+

SOURCES/xorg-CVE-2024-31082.patch

@@ -0,0 +1,47 @@
+From 6c684d035c06fd41c727f0ef0744517580864cef Mon Sep 17 00:00:00 2001
+From: Alan Coopersmith <alan.coopersmith@oracle.com>
+Date: Fri, 22 Mar 2024 19:07:34 -0700
+Subject: [PATCH 3/4] Xquartz: ProcAppleDRICreatePixmap needs to use unswapped
+ length to send reply
+
+CVE-2024-31082
+
+Fixes: 14205ade0 ("XQuartz: appledri: Fix byte swapping in replies")
+Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463>
+---
+ hw/xquartz/xpr/appledri.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/hw/xquartz/xpr/appledri.c b/hw/xquartz/xpr/appledri.c
+index 77574655b..40422b61a 100644
+--- a/hw/xquartz/xpr/appledri.c
++++ b/hw/xquartz/xpr/appledri.c
+@@ -272,6 +272,7 @@ ProcAppleDRICreatePixmap(ClientPtr client)
+     xAppleDRICreatePixmapReply rep;
+     int width, height, pitch, bpp;
+     void *ptr;
++    CARD32 stringLength;
+ 
+     REQUEST_SIZE_MATCH(xAppleDRICreatePixmapReq);
+ 
+@@ -307,6 +308,7 @@ ProcAppleDRICreatePixmap(ClientPtr client)
+     if (sizeof(rep) != sz_xAppleDRICreatePixmapReply)
+         ErrorF("error sizeof(rep) is %zu\n", sizeof(rep));
+ 
++    stringLength = rep.stringLength;  /* save unswapped value */
+     if (client->swapped) {
+         swaps(&rep.sequenceNumber);
+         swapl(&rep.length);
+@@ -319,7 +321,7 @@ ProcAppleDRICreatePixmap(ClientPtr client)
+     }
+ 
+     WriteToClient(client, sizeof(rep), &rep);
+-    WriteToClient(client, rep.stringLength, path);
++    WriteToClient(client, stringLength, path);
+ 
+     return Success;
+ }
+-- 
+2.44.0
+

SOURCES/xorg-CVE-2024-31083.patch

@@ -0,0 +1,112 @@
+From bdca6c3d1f5057eeb31609b1280fc93237b00c77 Mon Sep 17 00:00:00 2001
+From: Peter Hutterer <peter.hutterer@who-t.net>
+Date: Tue, 30 Jan 2024 13:13:35 +1000
+Subject: [PATCH 4/4] render: fix refcounting of glyphs during
+ ProcRenderAddGlyphs
+
+Previously, AllocateGlyph would return a new glyph with refcount=0 and a
+re-used glyph would end up not changing the refcount at all. The
+resulting glyph_new array would thus have multiple entries pointing to
+the same non-refcounted glyphs.
+
+AddGlyph may free a glyph, resulting in a UAF when the same glyph
+pointer is then later used.
+
+Fix this by returning a refcount of 1 for a new glyph and always
+incrementing the refcount for a re-used glyph, followed by dropping that
+refcount back down again when we're done with it.
+
+CVE-2024-31083, ZDI-CAN-22880
+
+This vulnerability was discovered by:
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
+
+Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463>
+---
+ render/glyph.c         |  5 +++--
+ render/glyphstr_priv.h |  1 +
+ render/render.c        | 15 +++++++++++----
+ 3 files changed, 15 insertions(+), 6 deletions(-)
+
+diff --git a/render/glyph.c b/render/glyph.c
+index 850ea8440..13991f8a1 100644
+--- a/render/glyph.c
++++ b/render/glyph.c
+@@ -245,10 +245,11 @@ FreeGlyphPicture(GlyphPtr glyph)
+     }
+ }
+ 
+-static void
++void
+ FreeGlyph(GlyphPtr glyph, int format)
+ {
+     CheckDuplicates(&globalGlyphs[format], "FreeGlyph");
++    BUG_RETURN(glyph->refcnt == 0);
+     if (--glyph->refcnt == 0) {
+         GlyphRefPtr gr;
+         int i;
+@@ -354,7 +355,7 @@ AllocateGlyph(xGlyphInfo * gi, int fdepth)
+     glyph = (GlyphPtr) malloc(size);
+     if (!glyph)
+         return 0;
+-    glyph->refcnt = 0;
++    glyph->refcnt = 1;
+     glyph->size = size + sizeof(xGlyphInfo);
+     glyph->info = *gi;
+     dixInitPrivates(glyph, (char *) glyph + head_size, PRIVATE_GLYPH);
+diff --git a/render/glyphstr.h b/render/glyphstr.h
+index 2f51bd244..3b1d806d1 100644
+--- a/render/glyphstr.h
++++ b/render/glyphstr.h
+@@ -108,6 +108,7 @@ extern Bool
+ extern GlyphPtr FindGlyph(GlyphSetPtr glyphSet, Glyph id);
+ 
+ extern GlyphPtr AllocateGlyph(xGlyphInfo * gi, int format);
++extern void FreeGlyph(GlyphPtr glyph, int format);
+ 
+ extern Bool
+  ResizeGlyphSet(GlyphSetPtr glyphSet, CARD32 change);
+diff --git a/render/render.c b/render/render.c
+index 29c5055c6..fe5e37dd9 100644
+--- a/render/render.c
++++ b/render/render.c
+@@ -1076,6 +1076,7 @@ ProcRenderAddGlyphs(ClientPtr client)
+ 
+         if (glyph_new->glyph && glyph_new->glyph != DeletedGlyph) {
+             glyph_new->found = TRUE;
++            ++glyph_new->glyph->refcnt;
+         }
+         else {
+             GlyphPtr glyph;
+@@ -1168,8 +1169,10 @@ ProcRenderAddGlyphs(ClientPtr client)
+         err = BadAlloc;
+         goto bail;
+     }
+-    for (i = 0; i < nglyphs; i++)
++    for (i = 0; i < nglyphs; i++) {
+         AddGlyph(glyphSet, glyphs[i].glyph, glyphs[i].id);
++        FreeGlyph(glyphs[i].glyph, glyphSet->fdepth);
++    }
+ 
+     if (glyphsBase != glyphsLocal)
+         free(glyphsBase);
+@@ -1179,9 +1182,13 @@ ProcRenderAddGlyphs(ClientPtr client)
+         FreePicture((void *) pSrc, 0);
+     if (pSrcPix)
+         FreeScratchPixmapHeader(pSrcPix);
+-    for (i = 0; i < nglyphs; i++)
+-        if (glyphs[i].glyph && !glyphs[i].found)
+-            free(glyphs[i].glyph);
++    for (i = 0; i < nglyphs; i++) {
++        if (glyphs[i].glyph) {
++            --glyphs[i].glyph->refcnt;
++            if (!glyphs[i].found)
++                free(glyphs[i].glyph);
++        }
++    }
+     if (glyphsBase != glyphsLocal)
+         free(glyphsBase);
+     return err;
+-- 
+2.44.0
+

SOURCES/xvnc.service

@@ -32,7 +32,7 @@
 Description=XVNC Per-Connection Daemon
 
 [Service]
-ExecStart=-/usr/bin/Xvnc -inetd -query localhost -geometry 1024x768 -depth 24 -once -SecurityTypes=None -Log *:syslog:30
+ExecStart=-/usr/bin/Xvnc -inetd -query localhost -geometry 1024x768 -depth 24 -once -SecurityTypes=None
 User=nobody
 StandardInput=socket
 StandardError=syslog

SPECS/tigervnc.spec

@@ -5,12 +5,12 @@
 
 Name:           tigervnc
 Version:        1.13.1
-Release:        10%{?dist}
+Release:        8%{?dist}.3
 Summary:        A TigerVNC remote display system
 
 %global _hardened_build 1
 
-License:        GPLv2+
+License:        GPL-2.0-or-later
 URL:            http://www.tigervnc.com
 
 Source0:        %{name}-%{version}.tar.gz
@@ -24,7 +24,6 @@ Source5:        vncserver
 # Downstream patches
 Patch1:         tigervnc-use-gnome-as-default-session.patch
 Patch2:         tigervnc-vncsession-restore-script-systemd-service.patch
-Patch3:         tigervnc-dont-install-appstream-metadata-file.patch
 
 # Upstream patches
 Patch50:        tigervnc-support-username-alias-in-plainusers.patch
@@ -39,7 +38,14 @@ Patch100:       tigervnc-xserver120.patch
 Patch101:       0001-rpath-hack.patch
 
 # XServer patches
-Patch200:       xorg-CVE-2024-31083-followup.patch
+# CVE-2024-0229
+# https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1251
+Patch200:       xorg-CVE-2024-0229-followup.patch
+Patch201:       xorg-CVE-2024-31080.patch
+Patch202:       xorg-CVE-2024-31081.patch
+Patch203:       xorg-CVE-2024-31082.patch
+Patch204:       xorg-CVE-2024-31083.patch
+Patch205:       xorg-CVE-2024-31083-followup.patch
 
 BuildRequires:  make
 BuildRequires:  gcc-c++
@@ -125,10 +131,12 @@ X session.
 
 %package server-minimal
 Summary:        A minimal installation of TigerVNC server
-Requires(post): chkconfig
-Requires(preun):chkconfig
+Requires(post): systemd
+Requires(preun): systemd
+Requires(postun): systemd
+Requires(post): systemd
 
-Requires:       mesa-dri-drivers, xkeyboard-config, xorg-x11-xkb-utils
+Requires:       mesa-dri-drivers, xkeyboard-config, xkbcomp
 Requires:       tigervnc-license, dbus-x11
 
 %description server-minimal
@@ -187,12 +195,16 @@ for all in `find . -type f -perm -001`; do
 done
 %patch100 -p1 -b .xserver120-rebased
 %patch101 -p1 -b .rpath
-%patch200 -p1 -b .xorg-CVE-2024-31083-followup
+%patch200 -p1 -b .xorg-CVE-2024-0229-followup
+%patch201 -p1 -b .xorg-CVE-2024-31080.patch
+%patch202 -p1 -b .xorg-CVE-2024-31081.patch
+%patch203 -p1 -b .xorg-CVE-2024-31082.patch
+%patch204 -p1 -b .xorg-CVE-2024-31083.patch
+%patch205 -p1 -b .xorg-CVE-2024-31083-followup.patch
 popd
 
 %patch1 -p1 -b .use-gnome-as-default-session
 %patch2 -p1 -b .vncsession-restore-script-systemd-service
-%patch3 -p1 -b .dont-install-appstream-metadata-file.patch
 
 # Upstream patches
 %patch50 -p1 -b .support-username-alias-in-plainusers
@@ -207,12 +219,22 @@ export CFLAGS="$RPM_OPT_FLAGS -fPIC"
 %else
 export CFLAGS="$RPM_OPT_FLAGS -fpic"
 %endif
-export CXXFLAGS="$CFLAGS"
+export CXXFLAGS="$CFLAGS -std=c++11"
 
-%{cmake} .
-make %{?_smp_mflags}
+%define __cmake_builddir %{_target_platform}
+
+mkdir -p %{%__cmake_builddir}
+
+%cmake
+
+%cmake_build
 
 pushd unix/xserver
+
+%if 0%{?fedora} > 32 || 0%{?rhel} >= 9
+sed -i 's@TIGERVNC_BUILDDIR=${TIGERVNC_SRCDIR}@TIGERVNC_BUILDDIR=${TIGERVNC_SRCDIR}/%{_target_platform}@g' hw/vnc/Makefile.am
+%endif
+
 autoreconf -fiv
 %configure \
         --disable-xorg --disable-xnest --disable-xvfb --disable-dmx \
@@ -235,7 +257,11 @@ make %{?_smp_mflags}
 popd
 
 # Build icons
+%if 0%{?fedora} > 32 || 0%{?rhel} >= 9
+pushd %{_target_platform}/media
+%else
 pushd media
+%endif
 make
 popd
 
@@ -244,19 +270,19 @@ pushd unix/vncserver/selinux
 make
 popd
 
-
 %install
-%make_install
+%cmake_install
+rm -f %{buildroot}%{_docdir}/%{name}-%{version}/{README.rst,LICENCE.TXT}
 
 pushd unix/xserver/hw/vnc
-make install DESTDIR=%{buildroot}
+%make_install
 popd
 
+# Install systemd unit file
 pushd unix/vncserver/selinux
 make install DESTDIR=%{buildroot}
 popd
 
-
 # Install systemd unit file
 install -m644 %{SOURCE1} %{buildroot}%{_unitdir}/xvnc@.service
 install -m644 %{SOURCE2} %{buildroot}%{_unitdir}/xvnc.socket
@@ -270,7 +296,21 @@ install -m644 tigervnc_$s.png %{buildroot}%{_datadir}/icons/hicolor/${s}x$s/apps
 done
 popd
 
+appstream-util validate-relax --nonet %{buildroot}%{_metainfodir}/org.tigervnc.vncviewer.metainfo.xml
+desktop-file-validate %{buildroot}%{_datadir}/applications/vncviewer.desktop
+
+%if 0%{?rhel} > 9
+# Install a replacement for /usr/bin/vncserver which will tell the user to read the
+# HOWTO.md file
+cat <<EOF > %{buildroot}/%{_bindir}/vncserver
+#!/bin/bash
+echo "vncserver has been replaced by a systemd unit."
+echo "Please read /usr/share/doc/tigervnc/HOWTO.md for more information."
+EOF
+chmod +x %{buildroot}/%{_bindir}/vncserver
+%else
 install -m 755 %{SOURCE5} %{buildroot}/%{_bindir}/vncserver
+%endif
 
 %find_lang %{name} %{name}.lang
 
@@ -281,15 +321,14 @@ mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/
 install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
 
 %post server
-%systemd_post xvnc.service
+%systemd_post xvnc@.service
 %systemd_post xvnc.socket
 
 %preun server
-%systemd_preun xvnc.service
 %systemd_preun xvnc.socket
 
 %postun server
-%systemd_postun xvnc.service
+%systemd_postun xvnc@.service
 %systemd_postun xvnc.socket
 
 %pre selinux
@@ -311,6 +350,7 @@ fi
 %{_bindir}/vncviewer
 %{_datadir}/applications/*
 %{_mandir}/man1/vncviewer.1*
+%{_datadir}/metainfo/org.tigervnc.vncviewer.metainfo.xml
 
 %files server
 %config(noreplace) %{_sysconfdir}/pam.d/tigervnc
@@ -320,8 +360,8 @@ fi
 %{_unitdir}/vncserver@.service
 %{_unitdir}/xvnc@.service
 %{_unitdir}/xvnc.socket
-%{_bindir}/x0vncserver
 %{_bindir}/vncserver
+%{_bindir}/x0vncserver
 %{_sbindir}/vncsession
 %{_libexecdir}/vncserver
 %{_libexecdir}/vncsession-start
@@ -341,7 +381,7 @@ fi
 
 %files server-module
 %{_libdir}/xorg/modules/extensions/libvnc.so
-%config %{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
+%config(noreplace) %{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
 
 %files license
 %{_docdir}/tigervnc/LICENCE.TXT
@@ -354,243 +394,272 @@ fi
 %ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
 
 %changelog
-* Mon Apr 15 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-10
-- Drop patches that are already part of xorg-x11-server
-  Resolves: RHEL-30755
-  Resolves: RHEL-30767
-  Resolves: RHEL-30761
-
-* Thu Apr 04 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-9
+* Tue Apr 16 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-8.3
 - Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
-  Resolves: RHEL-30755
+  Resolves: RHEL-30756
 - Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs
-  Resolves: RHEL-30767
+  Resolves: RHEL-30768
 - Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
-  Resolves: RHEL-30761
+  Resolves: RHEL-30762
 
 * Wed Feb 07 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-8
 - Fix copy/paste error in the DeviceStateNotify
-  Resolves: RHEL-20530
+  Resolves: RHEL-20533
 
 * Mon Jan 22 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-7
 - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
-  Resolves: RHEL-20388
+  Resolves: RHEL-20389
 - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
-  Resolves: RHEL-20382
+  Resolves: RHEL-20383
 - Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
-  Resolves: RHEL-20530
+  Resolves: RHEL-20533
 - Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
-  Resolves: RHEL-21214
+  Resolves: RHEL-21213
 
 * Mon Jan 08 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-6
 - Use dup() to get available file descriptor when using -inetd option
-  Resolves: RHEL-21000
+  Resolves: RHEL-19858
 
 * Mon Dec 18 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-5
 - Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
-  Resolves: RHEL-18410
+  Resolves: RHEL-18414
 - Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
-  Resolves: RHEL-18422
+  Resolves: RHEL-18426
 
 * Wed Nov 01 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-4
 - Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
-  Resolves: RHEL-15236
+  Resolves: RHEL-15237
 
 - Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
-  Resolves: RHEL-15230
+  Resolves: RHEL-15249
 
 * Mon Oct 09 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-3
 - Support username alias in PlainUsers
-  Resolves: RHEL-4258
+  Resolves: RHEL-8430
 
 * Tue Apr 11 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-2
 - xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege
   Escalation Vulnerability
-  Resolves: bz#2180306
+  Resolves: bz#2180310
 
 * Tue Mar 21 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-1
 - 1.13.1
-  Resolves: bz#2175748
-- Restore "--fallbacktofreeport" option in the vncserver script
-  Resolves: bz#2174398
+  Resolves: bz#2175732
 
-* Thu Dec 08 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-9
-- Bump build version to fix upgrade path
-  Resolves: bz#1437569
+* Tue Feb 21 2023 Jan Grulich <jgrulich@redhat.com> - 1.12.0-12
+- SELinux: allow vncsession create .vnc directory
+  Resolves: bz#2164703
 
-* Fri Nov 18 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-8
+* Wed Feb 15 2023 Jan Grulich <jgrulich@redhat.com> - 1.12.0-11
+- Add sanity check when cleaning up keymap changes
+  Resolves: bz#2169965
+
+* Mon Feb 06 2023 Jan Grulich <jgrulich@redhat.com> - 1.12.0-10
+- xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation
+  Resolves: bz#2167061
+
+* Tue Dec 20 2022 Tomas Popela <tpopela@redhat.com> - 1.12.0-9
+- Rebuild for xorg-x11-server CVE-2022-46340 follow up fix
+
+* Fri Dec 16 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-8
+- Rebuild for xorg-x11-server CVEs
+  Resolves: CVE-2022-4283 (bz#2154234)
+  Resolves: CVE-2022-46340 (bz#2154221)
+  Resolves: CVE-2022-46341 (bz#2154224)
+  Resolves: CVE-2022-46342 (bz#2154226)
+  Resolves: CVE-2022-46343 (bz#2154228)
+  Resolves: CVE-2022-46344 (bz#2154230)
+
+* Thu Dec 01 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-7
 - x0vncserver: add new keysym in case we don't find matching keycode
-  Resolves: bz#1437569
+  + actually apply the patch
+  Resolves: bz#2119017
 
-* Wed Aug 24 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-7
+* Thu Dec 01 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-6
+- x0vncserver: add new keysym in case we don't find matching keycode
+  Resolves: bz#2119017
+
+* Mon Oct 24 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-5
 - x0vncserver: fix ghost cursor in zaphod mode (better version)
-  Resolves: bz#2109679
+  Resolves: bz#2119016
 
-* Wed Aug 17 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-6
-- x0vncserver: fix ghost cursor in zaphod mode
-  Resolves: bz#2109679
+* Tue May 31 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-4
+- Add BR: libXdamage, libXfixes, libXrandr
+  Resolves: bz#2091833
 
-* Tue May 31 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-5
-- BR: libXdamage, libXfixes, libXrandr
-  Resolves: bz#2088733
+* Tue Apr 05 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-3
+- Do not run systemd_preun on Xvnc service file
+  Resolves: bz#2048011
 
-* Tue Feb 08 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-4
+* Mon Apr 04 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-2
+- Drop unexisting option from the old vncserver script
+  Resolves: bz#2021893
+
+* Wed Mar 23 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-1
+- 1.12.0 + sync with Fedora
+  Resolves: bz#2048011
+  Resolves: bz#2021893
+
+* Mon Feb 07 2022 Jan Grulich <jgrulich@redhat.com> - 1.11.0-21
 - Added vncsession-restore script for SELinux policy migration
   Fix SELinux context for root user
-  Resolves: bz#2021892
+  Resolves: bz#2049506
 
-* Fri Jan 21 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-3
-- Fix crash in vncviewer
-  Resolves: bz#2021892
+* Fri Nov 26 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-20
+- Rebuild for absence in RHEL 9.0
+  Resolves: bz#1985858
 
-* Fri Jan 14 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-2
-- Remove unavailable option from vncserver script
-  Resolves: bz#2021892
+* Mon Aug 16 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-19
+- Sync upstream patches + drop unused patches
+  Resolves: bz#1985858
 
-* Fri Jan 14 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-1
-- 1.12.0
-  Resolves: bz#2021892
+* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.11.0-18
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
 
-* Mon Jul 19 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-9
+* Mon Jul 19 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-17
 - Fix logout from VNC session using vncserver
-  Resolves: bz#1983706
+  Resolves: bz#1983704
 
-* Tue Jun 01 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-8
-- Run all SELinux RPM macros on correct package
-  Resolves: bz#1907963
+* Tue Jun 01 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-16
+- Bump version for rebuild (binutils)
+  Resolves: bz#1961488
 
-* Mon May 17 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-7
+* Mon May 17 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-14
 - SELinux improvements
-  Resolves: bz#1907963
+  Resolves: bz#1961488
 
-* Tue Dec 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-6
-- Use GNOME as default session
-  Resolves: bz#1853608
+- Fix endianness issue on s390x
+  Resolves: bz#1963029
 
-* Thu Dec 03 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-5
-- Make sure we log properly output to journal (actually log to syslog)
-  Resolves: bz#1841537
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.11.0-13
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
 
-* Thu Dec 03 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-4
-- Make sure we log properly output to journal
-  Resolves: bz#1841537
+* Mon Mar 08 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-12
+- Include RHEL8 patches
 
-* Wed Nov 18 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-3
-- vncserver: ignore new "session" parameter from the new systemd support
-  Resolves: bz#1897504
+* Fri Mar 05 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-11
+- Enable old vncserver script for RHEL 9
 
-* Wed Nov 18 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-2
-- Revert removal of vncserver
-  Resolves: bz#1897504
-- Correctly start vncsession as a daemon
-  Resolves: bz#1897498
+* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.11.0-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 
-* Tue Oct 20 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-1
-- Update to 1.11.0
-  Resolves: bz#1880985
-- Backport fix to allow Tigervnc use boolean values in config files
-  Resolves: bz#1883415
+* Thu Dec 10 07:45:46 CET 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-9
+- vncserver: ignore new session parameter from the new systemd support
 
-* Wed Sep 30 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-8
-- Tolerate specifying -BoolParam 0 and similar
-  Resolves: bz#1883415
+* Fri Nov 13 14:08:29 CET 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-8
+- Use /run instead of /var/run which is just a symlink
 
-* Wed Jul 08 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-7
-- Enable server module on s390x
-  Resolves: bz#1854925
+* Thu Nov 05 2020 Peter Hutterer <peter.hutterer@redhat.com> 1.11.0-7
+- Require xkbcomp directly, not xorg-x11-xkb-utils. The latter has had
+  Provides xkbcomp for years.
 
-* Fri Jul 03 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-6
-- Remove trailing spaces in user name
-  Resolves: bz#1852432
+* Tue Sep 29 13:12:22 CEST 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-6
+- Backport upstream fix allowing Tigervnc to specify boolean valus in configuration
+- Revert removal of vncserver for F32 and F33
 
-* Thu Jun 25 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-5
-- Install the HOWTO file to correct location
+* Thu Sep 24 07:14:06 CEST 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-5
+- Actually install the HOWTO.md file
+
+* Wed Sep 23 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-4
+- Call systemd macros on correct service file
+
+* Tue Sep 22 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-3
+- Do not overwrite libvnc.conf config file
+
+* Thu Sep 17 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-2
 - Add /usr/bin/vncserver file informing users to read the HOWTO.md file
-  Resolves: bz#1790443
 
-* Mon Jun 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-4
-- Improve SELinux policy
-  Resolves: bz#1790443
+* Wed Sep 09 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-1
+- 1.11.0
 
-* Mon Jun 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-3
-- Add a HOWTO.md file with instructions how to start VNC server
-  Resolves: bz#1790443
+* Mon Aug 24 2020 Jan Grulich <jgrulich@redhat.com. - 1.10.90-1
+- Update to 1.10.90 (1.11.0 beta)
 
-* Tue May 26 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-2
-- Make the systemd service run also for root user
-  Resolves: bz#1790443
+* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-9
+- Second attempt - Rebuilt for
+  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
 
-* Mon Apr 27 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-1
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 1.10.1-7
+- Use make macros
+- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
+
+* Sat Jul 11 2020 Jiri Vanek <jvanek@redhat.com> - 1.10.1-6
+- Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11
+
+* Sun Apr 19 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-5
+- Requires: dbus-x11
+  Resolves: bz#1825331
+
+* Fri Mar 13 2020 Olivier Fourdan <ofourdan@redhat.com> - 1.10.1-4
+- Fix build with xserver 1.20.7
+
+* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Mon Jan 13 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-2
+- Build with -std=c++11
+
+* Fri Dec 20 2019 Jan Grulich <jgrulich@redhat.com> - 1.10.1-1
 - Update to 1.10.1
-  Resolves: bz#1806992
 
-- Add proper systemd support
-  Resolves: bz#1790443
+* Tue Dec 10 2019 Jan Grulich <jgrulich@redhat.com> - 1.10.0-2
+- Properly install systemd files
 
-* Tue Jan 28 2020 Jan Grulich <jgrulich@redhat.com> - 1.9.0-13
-- Bump build because of z-stream
-  Resolves: bz#1671714
+* Mon Nov 18 2019 Jan Grulich <jgrulich@redhat.com> - 1.10.0-1
+- Update to 1.10.0
 
-* Wed Dec 11 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-12
-- Fix installation of systemd files
-  Resolves: bz#1671714
+* Fri Oct 18 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.90-1
+- Update to 1.9.90 (1.10 beta)
+- Add systemd user service file
+- Use a wrapper for systemd system service file to workaround systemd limitations
 
-* Wed Nov 20 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-11
-- Use wrapper script to workaround systemd issues
-  Resolves: bz#1671714
+* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.0-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
 
-* Fri Jul 12 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-10
-- Do not return returncode indicating error when running "vncserver -list"
-  Resolves: bz#1727860
+* Fri Jul 19 2019 Dan Horák <dan[at]danny.cz> - 1.9.0-6
+- drop the s390x special handling (related #1727029)
 
-* Fri Feb 08 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-9
-- Make tigervnc systemd service a user service
-  Resolves: bz#1639846
+* Wed Jun 12 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-5
+- Add missing arguments to systemd_postun scriptlets
+  Resolves: bz#1716411
 
-* Mon Jan 21 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-8
-- Kill the session automatically only when Gnome is installed
-  Resolves: bz#1665876
+* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.0-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
 
-* Tue Nov 20 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-7
-- Improve coverity scan fixes
-  Resolves: bz#1602714
-
-  Inform whether view-only password is used or not
-  Resolves: bz#1639169
-
-  Backport fixes from RHEL 7
-  Resolves: bz#1651254
-
-* Tue Oct 09 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-6
+* Tue Sep 25 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-3
 - Do not crash passwd when using malloc perturb checks
-  Resolves: bz#1637086
-
-* Mon Oct 08 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-5
-- Improve coverity scan fixes
-  Resolves: bz#1602714
-
-* Wed Oct 03 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-4
-- Improve coverity scan fixes
-  Resolves: bz#1602714
-
-* Wed Oct 03 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-3
-- Fix some coverity scan issues
-  Resolves: bz#1602714
+  Resolves: bz#1631483
 
 * Wed Aug 01 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-2
-- Remove dependency on initscripts
+- Ignore buttons in mouse leave events
+  Resolves: bz#1609516
 
 * Tue Jul 17 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-1
-- Update to 1.9.0 + sync with Fedora
+- Update to 1.9.0
 
-* Tue Jun 12 2018 Adam Jackson <ajax@redhat.com> - 1.8.0-10
-- Fix GLX initialization with Xorg 1.20
+* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.90-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 
-* Tue May 29 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.0-9
-- Build against Xorg 1.20
+* Wed Jul  4 2018 Peter Robinson <pbrobinson@fedoraproject.org> 1.8.90-2
+- Clean up spec: use macros consistenly, drop old sys-v migrations
+- Drop ancient obsolete/provides
 
-* Mon May 14 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.0-8
-- Drop BR: ImageMagick
+* Thu Jun 14 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.90-1
+- Update to 1.8.90
+
+* Wed Jun 13 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.0-10
+- Fix tigervnc systemd unit file
+  Resolves: bz#1583159
+
+* Wed Jun 06 2018 Adam Jackson <ajax@redhat.com> - 1.8.0-9
+- Fix GLX initialization with 1.20
+
+* Wed Apr 04 2018 Adam Jackson <ajax@redhat.com> - 1.8.0-8
+- Rebuild for xserver 1.20
 
 * Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.0-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild